Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-25857 (GCVE-0-2022-25857)
Vulnerability from cvelistv5 – Published: 2022-08-30 05:05 – Updated: 2024-09-16 21:57
VLAI?
EPSS
Title
Denial of Service (DoS)
Summary
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
Severity ?
7.5 (High)
CWE
- Denial of Service (DoS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | org.yaml:snakeyaml |
Affected:
0 , < unspecified
(custom)
Affected: unspecified , < 1.31 (custom) |
Date Public ?
2022-08-30 00:00
Credits
unknown
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:44.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360"
},
{
"tags": [
"x_transferred"
],
"url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174"
},
{
"tags": [
"x_transferred"
],
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
},
{
"name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240315-0010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "org.yaml:snakeyaml",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "1.31",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "unknown"
}
],
"datePublic": "2022-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-15T11:06:01.014Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360"
},
{
"url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174"
},
{
"url": "https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174"
},
{
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
},
{
"name": "[debian-lts-announce] 20221002 [SECURITY] [DLA 3132-1] snakeyaml security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240315-0010/"
}
],
"title": "Denial of Service (DoS)"
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25857",
"datePublished": "2022-08-30T05:05:11.588Z",
"dateReserved": "2022-02-24T00:00:00.000Z",
"dateUpdated": "2024-09-16T21:57:41.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:snakeyaml_project:snakeyaml:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.31\", \"matchCriteriaId\": \"4911A85B-287B-4900-8ACE-5BA60949D7BE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.\"}, {\"lang\": \"es\", \"value\": \"El paquete org.yaml:snakeyaml versiones desde 0 y anteriores a 1.31, son vulnerables a una Denegaci\\u00f3n de Servicio (DoS) debido a una falta de limitaci\\u00f3n de profundidad anidada para las colecciones\"}]",
"id": "CVE-2022-25857",
"lastModified": "2024-11-21T06:53:07.563",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"report@snyk.io\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2022-08-30T05:15:07.667",
"references": "[{\"url\": \"https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174\", \"source\": \"report@snyk.io\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://bitbucket.org/snakeyaml/snakeyaml/issues/525\", \"source\": \"report@snyk.io\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174\", \"source\": \"report@snyk.io\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html\", \"source\": \"report@snyk.io\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240315-0010/\", \"source\": \"report@snyk.io\"}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360\", \"source\": \"report@snyk.io\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://bitbucket.org/snakeyaml/snakeyaml/issues/525\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240315-0010/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-776\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-25857\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2022-08-30T05:15:07.667\",\"lastModified\":\"2024-11-21T06:53:07.563\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.\"},{\"lang\":\"es\",\"value\":\"El paquete org.yaml:snakeyaml versiones desde 0 y anteriores a 1.31, son vulnerables a una Denegaci\u00f3n de Servicio (DoS) debido a una falta de limitaci\u00f3n de profundidad anidada para las colecciones\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-776\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snakeyaml_project:snakeyaml:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.31\",\"matchCriteriaId\":\"4911A85B-287B-4900-8ACE-5BA60949D7BE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bitbucket.org/snakeyaml/snakeyaml/issues/525\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174\",\"source\":\"report@snyk.io\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html\",\"source\":\"report@snyk.io\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240315-0010/\",\"source\":\"report@snyk.io\"},{\"url\":\"https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bitbucket.org/snakeyaml/snakeyaml/issues/525\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240315-0010/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
RHSA-2024:0777
Vulnerability from csaf_redhat - Published: 2024-02-12 10:27 - Updated: 2026-04-01 18:50Summary
Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
Severity
Important
Notes
Topic: An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.14.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)
* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts (CVE-2023-40336)
* guava: insecure temporary directory creation (CVE-2023-2976)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
* jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)
* Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)
* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)
* jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)
* jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin (CVE-2023-40339)
* jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials (CVE-2023-40341)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
jackson-databind should not be used to deserialize untrusted inputs. User inputs should be validated and sanitized before processing.
A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain administrator access to Jenkins.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
A flaw was found in the Jenkins Folders Plugin. Affected versions of this plugin allow attackers to copy folders.
8.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin allow attackers to copy a view inside a folder.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Config File Provider Jenkins Plugin. Affected versions of this plugin do not mask (replace with asterisks) credentials specified in configuration files when they're written to the build log.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
Users are strongly urged to update their software as soon as fixes are available.
There are several mitigation approaches for this flaw.
1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.
2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.
3. Several package specific mitigations are also available.
a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.14.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)\n\n* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts (CVE-2023-40336)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)\n\n* Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)\n\n* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)\n\n* jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)\n\n* jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin (CVE-2023-40339)\n\n* jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials (CVE-2023-40341)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0777",
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2215214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
},
{
"category": "external",
"summary": "2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "2222709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222709"
},
{
"category": "external",
"summary": "2222710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222710"
},
{
"category": "external",
"summary": "2232422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232422"
},
{
"category": "external",
"summary": "2232423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232423"
},
{
"category": "external",
"summary": "2232424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232424"
},
{
"category": "external",
"summary": "2232425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232425"
},
{
"category": "external",
"summary": "2232426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232426"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "JKNS-271",
"url": "https://issues.redhat.com/browse/JKNS-271"
},
{
"category": "external",
"summary": "JKNS-289",
"url": "https://issues.redhat.com/browse/JKNS-289"
},
{
"category": "external",
"summary": "JKNS-337",
"url": "https://issues.redhat.com/browse/JKNS-337"
},
{
"category": "external",
"summary": "JKNS-344",
"url": "https://issues.redhat.com/browse/JKNS-344"
},
{
"category": "external",
"summary": "JKNS-345",
"url": "https://issues.redhat.com/browse/JKNS-345"
},
{
"category": "external",
"summary": "OCPBUGS-11158",
"url": "https://issues.redhat.com/browse/OCPBUGS-11158"
},
{
"category": "external",
"summary": "OCPBUGS-11253",
"url": "https://issues.redhat.com/browse/OCPBUGS-11253"
},
{
"category": "external",
"summary": "OCPBUGS-11254",
"url": "https://issues.redhat.com/browse/OCPBUGS-11254"
},
{
"category": "external",
"summary": "OCPBUGS-11446",
"url": "https://issues.redhat.com/browse/OCPBUGS-11446"
},
{
"category": "external",
"summary": "OCPBUGS-1357",
"url": "https://issues.redhat.com/browse/OCPBUGS-1357"
},
{
"category": "external",
"summary": "OCPBUGS-13869",
"url": "https://issues.redhat.com/browse/OCPBUGS-13869"
},
{
"category": "external",
"summary": "OCPBUGS-14111",
"url": "https://issues.redhat.com/browse/OCPBUGS-14111"
},
{
"category": "external",
"summary": "OCPBUGS-14609",
"url": "https://issues.redhat.com/browse/OCPBUGS-14609"
},
{
"category": "external",
"summary": "OCPBUGS-15646",
"url": "https://issues.redhat.com/browse/OCPBUGS-15646"
},
{
"category": "external",
"summary": "OCPBUGS-15902",
"url": "https://issues.redhat.com/browse/OCPBUGS-15902"
},
{
"category": "external",
"summary": "OCPBUGS-1709",
"url": "https://issues.redhat.com/browse/OCPBUGS-1709"
},
{
"category": "external",
"summary": "OCPBUGS-1942",
"url": "https://issues.redhat.com/browse/OCPBUGS-1942"
},
{
"category": "external",
"summary": "OCPBUGS-2099",
"url": "https://issues.redhat.com/browse/OCPBUGS-2099"
},
{
"category": "external",
"summary": "OCPBUGS-2184",
"url": "https://issues.redhat.com/browse/OCPBUGS-2184"
},
{
"category": "external",
"summary": "OCPBUGS-2318",
"url": "https://issues.redhat.com/browse/OCPBUGS-2318"
},
{
"category": "external",
"summary": "OCPBUGS-23438",
"url": "https://issues.redhat.com/browse/OCPBUGS-23438"
},
{
"category": "external",
"summary": "OCPBUGS-27388",
"url": "https://issues.redhat.com/browse/OCPBUGS-27388"
},
{
"category": "external",
"summary": "OCPBUGS-655",
"url": "https://issues.redhat.com/browse/OCPBUGS-655"
},
{
"category": "external",
"summary": "OCPBUGS-6579",
"url": "https://issues.redhat.com/browse/OCPBUGS-6579"
},
{
"category": "external",
"summary": "OCPBUGS-6870",
"url": "https://issues.redhat.com/browse/OCPBUGS-6870"
},
{
"category": "external",
"summary": "OCPBUGS-710",
"url": "https://issues.redhat.com/browse/OCPBUGS-710"
},
{
"category": "external",
"summary": "OCPBUGS-8377",
"url": "https://issues.redhat.com/browse/OCPBUGS-8377"
},
{
"category": "external",
"summary": "OCPBUGS-8442",
"url": "https://issues.redhat.com/browse/OCPBUGS-8442"
},
{
"category": "external",
"summary": "OCPTOOLS-244",
"url": "https://issues.redhat.com/browse/OCPTOOLS-244"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0777.json"
}
],
"title": "Red Hat Security Advisory: jenkins and jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2026-04-01T18:50:03+00:00",
"generator": {
"date": "2026-04-01T18:50:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2024:0777",
"initial_release_date": "2024-02-12T10:27:23+00:00",
"revision_history": [
{
"date": "2024-02-12T10:27:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T10:27:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:50:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.14::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1706516441-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706516352-3.el8.src",
"product": {
"name": "jenkins-0:2.426.3.1706516352-3.el8.src",
"product_id": "jenkins-0:2.426.3.1706516352-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706516352-3.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1706516441-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706516352-3.el8.noarch",
"product": {
"name": "jenkins-0:2.426.3.1706516352-3.el8.noarch",
"product_id": "jenkins-0:2.426.3.1706516352-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706516352-3.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706516352-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch"
},
"product_reference": "jenkins-0:2.426.3.1706516352-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706516352-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
},
"product_reference": "jenkins-0:2.426.3.1706516352-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215229"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: insecure temporary directory creation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2976"
},
{
"category": "external",
"summary": "RHBZ#2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: insecure temporary directory creation"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-35116",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215214"
}
],
"notes": [
{
"category": "description",
"text": "jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor\u0027s perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via cylic dependencies",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is disputed by the component developers and is under reconsideration by NIST. As such, it should be excluded from scanning utilities or other compliance systems until the dispute is finalized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35116"
},
{
"category": "external",
"summary": "RHBZ#2215214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "jackson-databind should not be used to deserialize untrusted inputs. User inputs should be validated and sanitized before processing.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via cylic dependencies"
},
{
"cve": "CVE-2023-37946",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain administrator access to Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Session fixation vulnerability in OpenShift Login Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37946"
},
{
"category": "external",
"summary": "RHBZ#2222709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37946"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998",
"url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Jenkins: Session fixation vulnerability in OpenShift Login Plugin"
},
{
"cve": "CVE-2023-37947",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Open redirect vulnerability in OpenShift Login Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37947"
},
{
"category": "external",
"summary": "RHBZ#2222710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37947",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37947"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37947",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37947"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999",
"url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Jenkins: Open redirect vulnerability in OpenShift Login Plugin"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-40336",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232424"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders Plugin. Affected versions of this plugin allow attackers to copy folders.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40336"
},
{
"category": "external",
"summary": "RHBZ#2232424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232424"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40336",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40336"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts"
},
{
"cve": "CVE-2023-40337",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232425"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin allow attackers to copy a view inside a folder.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40337"
},
{
"category": "external",
"summary": "RHBZ#2232425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232425"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40337",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40337"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin"
},
{
"cve": "CVE-2023-40338",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40338"
},
{
"category": "external",
"summary": "RHBZ#2232426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40338"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin"
},
{
"cve": "CVE-2023-40339",
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Config File Provider Jenkins Plugin. Affected versions of this plugin do not mask (replace with asterisks) credentials specified in configuration files when they\u0027re written to the build log.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40339"
},
{
"category": "external",
"summary": "RHBZ#2232423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40339",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40339"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40339",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40339"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin"
},
{
"cve": "CVE-2023-40341",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232422"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40341"
},
{
"category": "external",
"summary": "RHBZ#2232422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40341"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_3641
Vulnerability from csaf_redhat - Published: 2023-06-15 15:23 - Updated: 2024-12-16 16:23Summary
Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3 Patch 2 release
Severity
Important
Notes
Topic: Camel for Spring Boot 3.18.3 Patch 2 release and security update is now available.
Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Camel for Spring Boot 3.18.3.P2 serves as a replacement for Camel for Spring Boot 3.18.3.P1 and includes bug fixes and enhancements, which are documented in the Release Notes linked in the References. The purpose of this text-only errata is to inform you about the security issues fixed.
* spring-boot: Spring Boot Welcome Page DoS Vulnerability (CVE-2023-20883)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)
* dev-java-snakeyaml: dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)
* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘[‘ or ‘{‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed behind a proxy that caches 404 responses. This issue may cause a denial of service (DoS) attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3641
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Camel for Spring Boot 3.18.3 Patch 2 release and security update is now available.\n\nRed Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Camel for Spring Boot 3.18.3.P2 serves as a replacement for Camel for Spring Boot 3.18.3.P1 and includes bug fixes and enhancements, which are documented in the Release Notes linked in the References. The purpose of this text-only errata is to inform you about the security issues fixed.\n\n* spring-boot: Spring Boot Welcome Page DoS Vulnerability (CVE-2023-20883)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)\n\n* dev-java-snakeyaml: dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)\n\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3641",
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q2"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "2209342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209342"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3641.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3 Patch 2 release",
"tracking": {
"current_release_date": "2024-12-16T16:23:30+00:00",
"generator": {
"date": "2024-12-16T16:23:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:3641",
"initial_release_date": "2023-06-15T15:23:47+00:00",
"revision_history": [
{
"date": "2023-06-15T15:23:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-06-15T15:23:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:23:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Camel-Springboot 3.18.3.P2",
"product": {
"name": "RHINT Camel-Springboot 3.18.3.P2",
"product_id": "RHINT Camel-Springboot 3.18.3.P2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_spring_boot:3.18"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40156",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134288"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40156"
},
{
"category": "external",
"summary": "RHBZ#2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"cve": "CVE-2023-1370",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-04-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2188542"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1370"
},
{
"category": "external",
"summary": "RHBZ#2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
"url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
"url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
},
{
"cve": "CVE-2023-1436",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-03-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: Uncontrolled Recursion in JSONArray",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1436"
},
{
"category": "external",
"summary": "RHBZ#2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/",
"url": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: Uncontrolled Recursion in JSONArray"
},
{
"cve": "CVE-2023-20883",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2209342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot\u0027s welcome page support, either static or templated, resulting in the application being deployed behind a proxy that caches 404 responses. This issue may cause a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-boot: Spring Boot Welcome Page DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.18.3.P2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20883"
},
{
"category": "external",
"summary": "RHBZ#2209342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20883"
}
],
"release_date": "2023-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-15T15:23:47+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.18.3.P2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.18.3.P2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-boot: Spring Boot Welcome Page DoS Vulnerability"
}
]
}
RHSA-2023_0777
Vulnerability from csaf_redhat - Published: 2023-02-23 00:01 - Updated: 2024-12-17 23:01Summary
Red Hat Security Advisory: OpenShift Container Platform 4.9.56 security update
Severity
Critical
Notes
Topic: Red Hat OpenShift Container Platform release 4.9.56 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.9.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:0778
Security Fix(es):
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)
* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)
* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)
* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)
* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)
* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)
* jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2022-45380)
* jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin (CVE-2022-45381)
* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)
* Jenkins plugin: CSRF vulnerability in Script Security Plugin (CVE-2022-30946)
* Jenkins plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)
* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)
* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)
* jenkins: Observable timing discrepancy allows determining username validity (CVE-2022-34174)
* jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git (CVE-2022-36882)
* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36883)
* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36884)
* jenkins plugin: Non-constant time webhook signature comparison in GitHub Plugin (CVE-2022-36885)
* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)
* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.
7.4 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
4.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
8.8 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
5.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.
5.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.
8.8 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.
5.7 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.
5.4 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.
8.0 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.
8.0 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the Pipeline Utility Steps Jenkins Plugin. The affected version of the Pipeline Utility Steps Plugin does not restrict the set of enabled prefix interpolators and bundles versions of this library that enable the file: prefix interpolator by default. This flaw allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system.
8.1 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.9.56 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.9.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:0778\n\nSecurity Fix(es):\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)\n\n* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)\n\n* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)\n\n* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)\n\n* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)\n\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)\n\n* jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2022-45380)\n\n* jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin (CVE-2022-45381)\n\n* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)\n\n* Jenkins plugin: CSRF vulnerability in Script Security Plugin (CVE-2022-30946)\n\n* Jenkins plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)\n\n* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)\n\n* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)\n\n* jenkins: Observable timing discrepancy allows determining username validity (CVE-2022-34174)\n\n* jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git (CVE-2022-36882)\n\n* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36883)\n\n* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36884)\n\n* jenkins plugin: Non-constant time webhook signature comparison in GitHub Plugin (CVE-2022-36885)\n\n* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)\n\n* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0777",
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"url": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html"
},
{
"category": "external",
"summary": "1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "2116840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116840"
},
{
"category": "external",
"summary": "2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "2119643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119643"
},
{
"category": "external",
"summary": "2119645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119645"
},
{
"category": "external",
"summary": "2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "2119653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119653"
},
{
"category": "external",
"summary": "2119656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119656"
},
{
"category": "external",
"summary": "2119657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119657"
},
{
"category": "external",
"summary": "2119658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119658"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "2143086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143086"
},
{
"category": "external",
"summary": "2143089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143089"
},
{
"category": "external",
"summary": "2143090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143090"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0777.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.9.56 security update",
"tracking": {
"current_release_date": "2024-12-17T23:01:39+00:00",
"generator": {
"date": "2024-12-17T23:01:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:0777",
"initial_release_date": "2023-02-23T00:01:27+00:00",
"revision_history": [
{
"date": "2023-02-23T00:01:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-23T00:01:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:01:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product_id": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.361.1.1675668150-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product_id": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.361.1.1675668150-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch"
},
"product_reference": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
},
"product_reference": "jenkins-0:2.361.1.1675668150-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7692",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2020-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856376"
}
],
"notes": [
{
"category": "description",
"text": "PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7692"
},
{
"category": "external",
"summary": "RHBZ#1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7692"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692"
}
],
"release_date": "2020-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2048",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http2-server: Invalid HTTP/2 requests cause DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2048"
},
{
"category": "external",
"summary": "RHBZ#2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http2-server: Invalid HTTP/2 requests cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-30946",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119643"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30946"
},
{
"category": "external",
"summary": "RHBZ#2119643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30946"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2022-30952",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119645"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30952"
},
{
"category": "external",
"summary": "RHBZ#2119645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30952",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30952"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30953",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119646"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30953"
},
{
"category": "external",
"summary": "RHBZ#2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30953"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30954",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119647"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: missing permission checks in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30954"
},
{
"category": "external",
"summary": "RHBZ#2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30954",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: missing permission checks in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-34174",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119653"
}
],
"notes": [
{
"category": "description",
"text": "In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Observable timing discrepancy allows determining username validity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34174"
},
{
"category": "external",
"summary": "RHBZ#2119653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119653"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34174"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2566",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2566"
}
],
"release_date": "2022-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Observable timing discrepancy allows determining username validity"
},
{
"cve": "CVE-2022-36882",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116840"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36882"
},
{
"category": "external",
"summary": "RHBZ#2116840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116840"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36882"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git"
},
{
"cve": "CVE-2022-36883",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119656"
}
],
"notes": [
{
"category": "description",
"text": "A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Lack of authentication mechanism in Git Plugin webhook",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36883"
},
{
"category": "external",
"summary": "RHBZ#2119656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36883"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Lack of authentication mechanism in Git Plugin webhook"
},
{
"cve": "CVE-2022-36884",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119657"
}
],
"notes": [
{
"category": "description",
"text": "The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Lack of authentication mechanism in Git Plugin webhook",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36884"
},
{
"category": "external",
"summary": "RHBZ#2119657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119657"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36884"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Lack of authentication mechanism in Git Plugin webhook"
},
{
"cve": "CVE-2022-36885",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119658"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Non-constant time webhook signature comparison in GitHub Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36885"
},
{
"category": "external",
"summary": "RHBZ#2119658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36885"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Non-constant time webhook signature comparison in GitHub Plugin"
},
{
"cve": "CVE-2022-43401",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136381"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43401"
},
{
"category": "external",
"summary": "RHBZ#2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43402",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136379"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43402"
},
{
"category": "external",
"summary": "RHBZ#2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin"
},
{
"cve": "CVE-2022-43403",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136382"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43403"
},
{
"category": "external",
"summary": "RHBZ#2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43404",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136383"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43404"
},
{
"category": "external",
"summary": "RHBZ#2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43405",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136374"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43405"
},
{
"category": "external",
"summary": "RHBZ#2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43406",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136370"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43406"
},
{
"category": "external",
"summary": "RHBZ#2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43407",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136386"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43407"
},
{
"category": "external",
"summary": "RHBZ#2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin"
},
{
"cve": "CVE-2022-43408",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136388"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43408"
},
{
"category": "external",
"summary": "RHBZ#2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin"
},
{
"cve": "CVE-2022-43409",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136391"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43409"
},
{
"category": "external",
"summary": "RHBZ#2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45379",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143090"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45379"
},
{
"category": "external",
"summary": "RHBZ#2143090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143090"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions"
},
{
"cve": "CVE-2022-45380",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143086"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45380"
},
{
"category": "external",
"summary": "RHBZ#2143086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143086"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45380",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45380"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45380",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45380"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2022-45381",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Pipeline Utility Steps Jenkins Plugin. The affected version of the Pipeline Utility Steps Plugin does not restrict the set of enabled prefix interpolators and bundles versions of this library that enable the file: prefix interpolator by default. This flaw allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence the OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45381"
},
{
"category": "external",
"summary": "RHBZ#2143089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45381"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45381",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45381"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin"
}
]
}
RHSA-2023_7697
Vulnerability from csaf_redhat - Published: 2023-12-07 13:41 - Updated: 2024-12-17 23:02Summary
Red Hat Security Advisory: AMQ Clients 2023.Q4
Severity
Moderate
Notes
Topic: An update is now available for Red Hat AMQ Clients
Red Hat Product Security has rated this update as having an impact of
Moderate.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed
severity rating, is available for each vulnerability from the CVE link(s) in the
References section.
Details: Each Red Hat AMQ Client enables sending, and receiving messages to or from AMQ Broker 7.
This update provides various bug fixes and enhancements in addition to the
client package versions previously released on Red Hat Enterprise Linux 8
and 9.
Security Fix(es):
* (CVE-2023-34050) springframework-amqp: Deserialization Vulnerability
* (CVE-2023-34462) netty: SniHandler 16MB allocation leads to OOM
* (CVE-2023-40167) jetty: Improper validation of HTTP/1 content-length
* (CVE-2022-1471) SnakeYaml: Constructor Deserialization Remote Code Execution
* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections
* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode
* (CVE-2022-41854) dev-java/snakeyaml: DoS via stack overflow
* (CVE-2023-1370) json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7697
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7697
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7697
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7697
A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘[‘ or ‘{‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7697
A flaw was found in Spring Framework AMQP. An allowed list exists in Spring AMQP, but when no allowed list is provided, all classes could be deserialized, allowing a malicious user to send harmful content to the broker.
4.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7697
Workaround
An application may be vulnerable if:
- The SimpleMessageConverter or SerializerMessageConverter is used
- The user does not configure allowed list patterns
- Untrusted message originators gain permissions to write messages to the RabbitMQ broker to send malicious content
Make sure these are avoided in order to mitigate the issue.
A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7697
Workaround
Configuration of SniHandler with an idle timeout will mitigate this issue.
A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7697
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat AMQ Clients\n\nRed Hat Product Security has rated this update as having an impact of\nModerate.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed\nseverity rating, is available for each vulnerability from the CVE link(s) in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "Each Red Hat AMQ Client enables sending, and receiving messages to or from AMQ Broker 7.\n\nThis update provides various bug fixes and enhancements in addition to the\nclient package versions previously released on Red Hat Enterprise Linux 8\nand 9.\n\nSecurity Fix(es):\n\n* (CVE-2023-34050) springframework-amqp: Deserialization Vulnerability\n* (CVE-2023-34462) netty: SniHandler 16MB allocation leads to OOM\n* (CVE-2023-40167) jetty: Improper validation of HTTP/1 content-length\n* (CVE-2022-1471) SnakeYaml: Constructor Deserialization Remote Code Execution\n* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections\n* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode\n* (CVE-2022-41854) dev-java/snakeyaml: DoS via stack overflow\n* (CVE-2023-1370) json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7697",
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.clients\u0026version=2023.Q4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.clients\u0026version=2023.Q4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_clients/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq_clients/"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "2216888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216888"
},
{
"category": "external",
"summary": "2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "2246065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246065"
},
{
"category": "external",
"summary": "ENTMQCL-1291",
"url": "https://issues.redhat.com/browse/ENTMQCL-1291"
},
{
"category": "external",
"summary": "ENTMQCL-1517",
"url": "https://issues.redhat.com/browse/ENTMQCL-1517"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7697.json"
}
],
"title": "Red Hat Security Advisory: AMQ Clients 2023.Q4",
"tracking": {
"current_release_date": "2024-12-17T23:02:29+00:00",
"generator": {
"date": "2024-12-17T23:02:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7697",
"initial_release_date": "2023-12-07T13:41:55+00:00",
"revision_history": [
{
"date": "2023-12-07T13:41:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-07T13:41:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:02:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AMQ Clients",
"product": {
"name": "AMQ Clients",
"product_id": "AMQ Clients",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_clients:2023_q4"
}
}
}
],
"category": "product_family",
"name": "Red Hat AMQ Clients"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AMQ Clients"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-07T13:41:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AMQ Clients"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AMQ Clients"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AMQ Clients"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-07T13:41:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AMQ Clients"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AMQ Clients"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AMQ Clients"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-07T13:41:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AMQ Clients"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AMQ Clients"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AMQ Clients"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-07T13:41:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AMQ Clients"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AMQ Clients"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2023-1370",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-04-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2188542"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AMQ Clients"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1370"
},
{
"category": "external",
"summary": "RHBZ#2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
"url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
"url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-07T13:41:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AMQ Clients"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AMQ Clients"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
},
{
"cve": "CVE-2023-34050",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246065"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework AMQP. An allowed list exists in Spring AMQP, but when no allowed list is provided, all classes could be deserialized, allowing a malicious user to send harmful content to the broker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework-amqp: Deserialization Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires previous knowledge and access to the messages in order to get them deserialized and possibly leak information. It also requires missing server side configurations to prevent unwanted behavior. Therefore, this is rated as a Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AMQ Clients"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-34050"
},
{
"category": "external",
"summary": "RHBZ#2246065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246065"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-34050",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34050"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-34050",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34050"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2023-34050",
"url": "https://spring.io/security/cve-2023-34050"
}
],
"release_date": "2023-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-07T13:41:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AMQ Clients"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
},
{
"category": "workaround",
"details": "An application may be vulnerable if:\n- The SimpleMessageConverter or SerializerMessageConverter is used \n- The user does not configure allowed list patterns \n- Untrusted message originators gain permissions to write messages to the RabbitMQ broker to send malicious content\n\nMake sure these are avoided in order to mitigate the issue.",
"product_ids": [
"AMQ Clients"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AMQ Clients"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework-amqp: Deserialization Vulnerability"
},
{
"cve": "CVE-2023-34462",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2216888"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: SniHandler 16MB allocation leads to OOM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AMQ Clients"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-34462"
},
{
"category": "external",
"summary": "RHBZ#2216888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-34462",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34462"
}
],
"release_date": "2023-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-07T13:41:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AMQ Clients"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
},
{
"category": "workaround",
"details": "Configuration of SniHandler with an idle timeout will mitigate this issue.",
"product_ids": [
"AMQ Clients"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AMQ Clients"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: SniHandler 16MB allocation leads to OOM"
},
{
"cve": "CVE-2023-40167",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper validation of HTTP/1 content-length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AMQ Clients"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40167"
},
{
"category": "external",
"summary": "RHBZ#2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-07T13:41:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AMQ Clients"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7697"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AMQ Clients"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: Improper validation of HTTP/1 content-length"
}
]
}
RHSA-2022:6941
Vulnerability from csaf_redhat - Published: 2022-10-13 11:14 - Updated: 2026-04-01 18:38Summary
Red Hat Security Advisory: Red Hat build of Quarkus Platform 2.7.6.SP1 and security update
Severity
Important
Notes
Topic: An update is now available for the Red Hat build of Quarkus Platform.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details: This release of Red Hat build of Quarkus 2.7.6.SP1 (Service Pack 1) includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6941
References
| URL | Category | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Quarkus Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 2.7.6.SP1 (Service Pack 1) includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6941",
"url": "https://access.redhat.com/errata/RHSA-2022:6941"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/4966181",
"url": "https://access.redhat.com/articles/4966181"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.7.6.SP1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.7.6.SP1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.7",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.7"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6941.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus Platform 2.7.6.SP1 and security update",
"tracking": {
"current_release_date": "2026-04-01T18:38:34+00:00",
"generator": {
"date": "2026-04-01T18:38:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:6941",
"initial_release_date": "2022-10-13T11:14:22+00:00",
"revision_history": [
{
"date": "2022-10-13T11:14:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-13T11:14:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:38:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus Platform 2.7.6.SP1",
"product": {
"name": "Red Hat build of Quarkus Platform 2.7.6.SP1",
"product_id": "Red Hat build of Quarkus Platform 2.7.6.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus Platform 2.7.6.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-13T11:14:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Quarkus Platform 2.7.6.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6941"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus Platform 2.7.6.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2022_6835
Vulnerability from csaf_redhat - Published: 2022-10-06 12:26 - Updated: 2024-12-18 00:37Summary
Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]
Severity
Important
Notes
Topic: An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.
Security Fix(es):
* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)
* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)
* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)
* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)
* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)
* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)
* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)
* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)
* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)
* graphql-java: DoS by malicious query (CVE-2022-37734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in cron-utils. This flaw allows an attacker to perform unauthenticated Remote Code Execution (RCE) via Java Expression Language (EL) injection.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as "Authorization," "WWW-Authenticate," and "Cookie" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
Sanne Grinovero
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.\n\nSecurity Fix(es):\n\n* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)\n\n* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)\n\n* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)\n\n* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)\n\n* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)\n\n* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)\n\n* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)\n\n* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6835",
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "2024632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024632"
},
{
"category": "external",
"summary": "2039903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
},
{
"category": "external",
"summary": "2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "2050863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
},
{
"category": "external",
"summary": "2053259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
},
{
"category": "external",
"summary": "2056643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056643"
},
{
"category": "external",
"summary": "2062520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062520"
},
{
"category": "external",
"summary": "2064007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064007"
},
{
"category": "external",
"summary": "2067387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067387"
},
{
"category": "external",
"summary": "2067458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067458"
},
{
"category": "external",
"summary": "2067461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067461"
},
{
"category": "external",
"summary": "2080850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080850"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2126277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126277"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6835.json"
}
],
"title": "Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]",
"tracking": {
"current_release_date": "2024-12-18T00:37:04+00:00",
"generator": {
"date": "2024-12-18T00:37:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6835",
"initial_release_date": "2022-10-06T12:26:20+00:00",
"revision_history": [
{
"date": "2022-10-06T12:26:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-06T12:26:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T00:37:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Service Registry 2.3.0 GA",
"product": {
"name": "RHINT Service Registry 2.3.0 GA",
"product_id": "RHINT Service Registry 2.3.0 GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_registry:2.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22569",
"cwe": {
"id": "CWE-696",
"name": "Incorrect Behavior Order"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039903"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: potential DoS in the parsing procedure for binary data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22569"
},
{
"category": "external",
"summary": "RHBZ#2039903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b",
"url": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67"
}
],
"release_date": "2022-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: potential DoS in the parsing procedure for binary data"
},
{
"cve": "CVE-2021-37136",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37136"
},
{
"category": "external",
"summary": "RHBZ#2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data"
},
{
"cve": "CVE-2021-37137",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004135"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37137"
},
{
"category": "external",
"summary": "RHBZ#2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way"
},
{
"cve": "CVE-2021-41269",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in cron-utils. This flaw allows an attacker to perform unauthenticated Remote Code Execution (RCE) via Java Expression Language (EL) injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cron-utils: template Injection leading to unauthenticated Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Only projects using the @Cron annotation to validate untrusted Cron expressions are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41269"
},
{
"category": "external",
"summary": "RHBZ#2024632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41269",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41269"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41269",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41269"
}
],
"release_date": "2021-11-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cron-utils: template Injection leading to unauthenticated Remote Code Execution"
},
{
"cve": "CVE-2022-0235",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044591"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-fetch: exposure of sensitive information to an unauthorized actor",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0235"
},
{
"category": "external",
"summary": "RHBZ#2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",
"url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "node-fetch: exposure of sensitive information to an unauthorized actor"
},
{
"cve": "CVE-2022-0536",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2022-02-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053259"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0536"
},
{
"category": "external",
"summary": "RHBZ#2053259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536"
}
],
"release_date": "2022-02-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak"
},
{
"acknowledgments": [
{
"names": [
"Sanne Grinovero"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2022-0981",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2022-02-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2062520"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0981"
},
{
"category": "external",
"summary": "RHBZ#2062520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062520"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0981"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/issues/23269",
"url": "https://github.com/quarkusio/quarkus/issues/23269"
}
],
"release_date": "2022-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus"
},
{
"cve": "CVE-2022-21724",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2022-02-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050863"
}
],
"notes": [
{
"category": "description",
"text": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "According to the patch upstream the scoring of this issue has been severely reduced and is no longer considered an RCE. Therefore, the flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6, 7 and 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21724"
},
{
"category": "external",
"summary": "RHBZ#2050863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4",
"url": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes"
},
{
"cve": "CVE-2022-23647",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-02-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2056643"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "prismjs: improperly escaped output allows a XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Prism as shipped with all versions of Red Hat Ceph Storage, Red Hat Migration Toolkit for Virtualization, Red Hat OpenShift Container Platform, Red Hat OpenShift Service Mesh, Red Hat Advanced Cluster Security, and Red Hat Gluster Storage. However, this flaw is not known to be exploitable under any supported scenario, as websites that do not use the Command Line plugin are also not impacted. The above products do not use the Command Line plugin, thus, are marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23647"
},
{
"category": "external",
"summary": "RHBZ#2056643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23647"
},
{
"category": "external",
"summary": "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99",
"url": "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99"
}
],
"release_date": "2022-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "prismjs: improperly escaped output allows a XSS"
},
{
"cve": "CVE-2022-24771",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2022-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2067387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects the DigestAlgorithm structure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24771"
},
{
"category": "external",
"summary": "RHBZ#2067387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24771"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765"
}
],
"release_date": "2022-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery"
},
{
"cve": "CVE-2022-24772",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2022-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2067458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects the DigestInfo ASN.1 structure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24772"
},
{
"category": "external",
"summary": "RHBZ#2067458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24772"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g"
}
],
"release_date": "2022-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery"
},
{
"cve": "CVE-2022-24773",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2022-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2067461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Signature verification leniency in checking `DigestInfo` structure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24773"
},
{
"category": "external",
"summary": "RHBZ#2067461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24773"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr"
}
],
"release_date": "2022-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: Signature verification leniency in checking `DigestInfo` structure"
},
{
"cve": "CVE-2022-25647",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2080850"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25647"
},
{
"category": "external",
"summary": "RHBZ#2080850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080850"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25647"
}
],
"release_date": "2022-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-25858",
"discovery_date": "2022-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126277"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "terser: insecure use of regular expressions leads to ReDoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Do (odo) product terser is shipped only for using in static page generators for upstream, thus this represents no security risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25858"
},
{
"category": "external",
"summary": "RHBZ#2126277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126277"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25858",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25858"
}
],
"release_date": "2022-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "terser: insecure use of regular expressions leads to ReDoS"
},
{
"cve": "CVE-2022-26520",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2022-03-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064007"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql-jdbc: Arbitrary File Write Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat informs that although there\u0027s a difference from NVD CVSSv3 score there\u0027s a especial occasion in this CVE that maintain it as a moderate. The scenario for an attacker to get a benefit in this situation requires them to have access to modify a configuration file and write a file where it\u0027s needed. This require non-default configuration and also it\u0027s not expected to allow an untrusted user to perform this kind of setting.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26520"
},
{
"category": "external",
"summary": "RHBZ#2064007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064007"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26520"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26520",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26520"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql-jdbc: Arbitrary File Write Vulnerability"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37734",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql-java: DoS by malicious query",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37734"
},
{
"category": "external",
"summary": "RHBZ#2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "graphql-java: DoS by malicious query"
}
]
}
RHSA-2022_6822
Vulnerability from csaf_redhat - Published: 2022-10-05 17:03 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Large AJP request may cause DoS (CVE-2022-2053)
* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6822
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6822
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6822
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Large AJP request may cause DoS (CVE-2022-2053)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6822",
"url": "https://access.redhat.com/errata/RHSA-2022:6822"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "JBEAP-23619",
"url": "https://issues.redhat.com/browse/JBEAP-23619"
},
{
"category": "external",
"summary": "JBEAP-23687",
"url": "https://issues.redhat.com/browse/JBEAP-23687"
},
{
"category": "external",
"summary": "JBEAP-23738",
"url": "https://issues.redhat.com/browse/JBEAP-23738"
},
{
"category": "external",
"summary": "JBEAP-23741",
"url": "https://issues.redhat.com/browse/JBEAP-23741"
},
{
"category": "external",
"summary": "JBEAP-23753",
"url": "https://issues.redhat.com/browse/JBEAP-23753"
},
{
"category": "external",
"summary": "JBEAP-23772",
"url": "https://issues.redhat.com/browse/JBEAP-23772"
},
{
"category": "external",
"summary": "JBEAP-23794",
"url": "https://issues.redhat.com/browse/JBEAP-23794"
},
{
"category": "external",
"summary": "JBEAP-23802",
"url": "https://issues.redhat.com/browse/JBEAP-23802"
},
{
"category": "external",
"summary": "JBEAP-23803",
"url": "https://issues.redhat.com/browse/JBEAP-23803"
},
{
"category": "external",
"summary": "JBEAP-23805",
"url": "https://issues.redhat.com/browse/JBEAP-23805"
},
{
"category": "external",
"summary": "JBEAP-23816",
"url": "https://issues.redhat.com/browse/JBEAP-23816"
},
{
"category": "external",
"summary": "JBEAP-23818",
"url": "https://issues.redhat.com/browse/JBEAP-23818"
},
{
"category": "external",
"summary": "JBEAP-23869",
"url": "https://issues.redhat.com/browse/JBEAP-23869"
},
{
"category": "external",
"summary": "JBEAP-23881",
"url": "https://issues.redhat.com/browse/JBEAP-23881"
},
{
"category": "external",
"summary": "JBEAP-23912",
"url": "https://issues.redhat.com/browse/JBEAP-23912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6822.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:18+00:00",
"generator": {
"date": "2024-12-16T16:05:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6822",
"initial_release_date": "2022-10-05T17:03:10+00:00",
"revision_history": [
{
"date": "2022-10-05T17:03:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-05T17:03:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.13-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.28-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.28-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.28-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.28-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.4-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.13-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.13-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.13-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.13-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-10.redhat_00045.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.3-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-common@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.77-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-20.Final_redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-20.Final_redhat_00019.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.7-3.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.7-3.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.77-3.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T17:03:10+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T17:03:10+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T17:03:10+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2022:6820
Vulnerability from csaf_redhat - Published: 2022-10-06 07:40 - Updated: 2026-04-01 18:38Summary
Red Hat Security Advisory: prometheus-jmx-exporter security update
Severity
Moderate
Notes
Topic: An update for prometheus-jmx-exporter is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 20th October 2022]
The product listing in this erratum has been updated to include missing openjdk8 and openjdk17 sub-packages for Red Hat Enterprise Linux 8.
Details: Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target.
Security Fix(es):
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6820
References
| URL | Category | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for prometheus-jmx-exporter is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 20th October 2022]\nThe product listing in this erratum has been updated to include missing openjdk8 and openjdk17 sub-packages for Red Hat Enterprise Linux 8.",
"title": "Topic"
},
{
"category": "general",
"text": "Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target.\n\nSecurity Fix(es):\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6820",
"url": "https://access.redhat.com/errata/RHSA-2022:6820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6820.json"
}
],
"title": "Red Hat Security Advisory: prometheus-jmx-exporter security update",
"tracking": {
"current_release_date": "2026-04-01T18:38:09+00:00",
"generator": {
"date": "2026-04-01T18:38:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:6820",
"initial_release_date": "2022-10-06T07:40:42+00:00",
"revision_history": [
{
"date": "2022-10-06T07:40:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-20T13:11:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:38:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"product": {
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"product_id": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-8.el8_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"product": {
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"product_id": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-8.el8_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"product": {
"name": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"product_id": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter-openjdk11@0.12.0-8.el8_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"product": {
"name": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"product_id": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter-openjdk17@0.12.0-8.el8_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch",
"product": {
"name": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch",
"product_id": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter-openjdk8@0.12.0-8.el8_6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch"
},
"product_reference": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.src"
},
"product_reference": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch"
},
"product_reference": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch"
},
"product_reference": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch"
},
"product_reference": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T07:40:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6820"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2023_2100
Vulnerability from csaf_redhat - Published: 2023-05-03 14:05 - Updated: 2024-12-17 22:55Summary
Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update
Severity
Important
Notes
Topic: Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* JXPath: untrusted XPath expressions may lead to RCE attack (CVE-2022-41852)
* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)
* xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow (CVE-2022-41966)
* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)
* apache-commons-net: FTP client trusts the host from PASV response by default (CVE-2021-37533)
* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)
* apache-spark: XSS vulnerability in log viewer UI Javascript (CVE-2022-31777)
* Apache Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM (CVE-2022-33681)
* apache-ivy: Directory Traversal (CVE-2022-37865)
* : Apache Ivy: Ivy Path traversal (CVE-2022-37866)
* batik: Server-Side Request Forgery (CVE-2022-38398)
* batik: Server-Side Request Forgery (CVE-2022-38648)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* scandium: Failing DTLS handshakes may cause throttling to block processing of records (CVE-2022-39368)
* batik: Server-Side Request Forgery (SSRF) vulnerability (CVE-2022-40146)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)
* batik: Apache XML Graphics Batik vulnerable to code execution via SVG (CVE-2022-41704)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* batik: Untrusted code execution in Apache XML Graphics Batik (CVE-2022-42890)
* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)
* shiro: Authentication bypass through a specially crafted HTTP request (CVE-2023-22602)
* Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20863)
* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about services running on the private network of the client.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A stored cross-site scripting (XSS) flaw was found in Apache Spark. This issue allows an attacker to execute arbitrary JavaScript in the web browser of a user, including a malicious payload into the logs which are returned in logs rendered in the UI.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the Apache Pulsar Java Client. This flaw allows an attacker to use a Man-in-the-Middle (MITM) attack, manipulating network traffic and gaining the client's authentication data.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious used to have unwanted access.
9.1 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Apache Ivy. This may allow an attacker to place artifacts inside and outside of Ivy's repository and overwrite artifacts that the user will use later.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the Eclipse Californium Scandium package. This issue occurs when failing handshakes don't clean up counters for throttling, causing the threshold to be reached without being released again, resulting in a denial of service. An attacker could submit a high quantity of server requests, leaving the server unable to respond.
8.2 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Batik. This issue may allow a malicious user to run untrusted Java code from an SVG.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the Apache Commons JXPath package. This flaw allows an attacker to use the interpreter to execute untrusted expressions and a remote code attack.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
Workaround
By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).
In the example below, the property has been included as an argument to the Java command.
java -Dhsqldb.method_class_names="org.me.MyClass;org.you.YourClass;org.you.lib.*" [the rest of the command line]
The above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.
The user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.
Once the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.
In hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Batik of Apache XML Graphics. This issue may allow a malicious user to run Java code from untrusted SVG via JavaScript.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘[‘ or ‘{‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Spring Framework. Certain versions of Spring Framework's Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Apache Shiro. This issue may allow a malicious user to send a specially crafted HTTP request that could cause an authentication bypass.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* JXPath: untrusted XPath expressions may lead to RCE attack (CVE-2022-41852)\n\n* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)\n\n* xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow (CVE-2022-41966)\n\n* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)\n\n* apache-commons-net: FTP client trusts the host from PASV response by default (CVE-2021-37533)\n\n* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)\n\n* apache-spark: XSS vulnerability in log viewer UI Javascript (CVE-2022-31777)\n\n* Apache Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM (CVE-2022-33681)\n\n* apache-ivy: Directory Traversal (CVE-2022-37865)\n\n* : Apache Ivy: Ivy Path traversal (CVE-2022-37866)\n\n* batik: Server-Side Request Forgery (CVE-2022-38398)\n\n* batik: Server-Side Request Forgery (CVE-2022-38648)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* scandium: Failing DTLS handshakes may cause throttling to block processing of records (CVE-2022-39368)\n\n* batik: Server-Side Request Forgery (SSRF) vulnerability (CVE-2022-40146)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)\n\n* batik: Apache XML Graphics Batik vulnerable to code execution via SVG (CVE-2022-41704)\n\n* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* batik: Untrusted code execution in Apache XML Graphics Batik (CVE-2022-42890)\n\n* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)\n\n* shiro: Authentication bypass through a specially crafted HTTP request (CVE-2023-22602)\n\n* Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20863)\n\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2100",
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q2"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2134292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2136128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136128"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "2136207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136207"
},
{
"category": "external",
"summary": "2145205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145205"
},
{
"category": "external",
"summary": "2145264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145264"
},
{
"category": "external",
"summary": "2150011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150011"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2155291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155291"
},
{
"category": "external",
"summary": "2155292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155292"
},
{
"category": "external",
"summary": "2155295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155295"
},
{
"category": "external",
"summary": "2169924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169924"
},
{
"category": "external",
"summary": "2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "2172298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172298"
},
{
"category": "external",
"summary": "2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "2182182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182182"
},
{
"category": "external",
"summary": "2182183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182183"
},
{
"category": "external",
"summary": "2182188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182188"
},
{
"category": "external",
"summary": "2182198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182198"
},
{
"category": "external",
"summary": "2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "2187742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187742"
},
{
"category": "external",
"summary": "2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2100.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update",
"tracking": {
"current_release_date": "2024-12-17T22:55:43+00:00",
"generator": {
"date": "2024-12-17T22:55:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:2100",
"initial_release_date": "2023-05-03T14:05:29+00:00",
"revision_history": [
{
"date": "2023-05-03T14:05:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-03T14:05:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:55:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Camel-Springboot 3.20.1",
"product": {
"name": "RHINT Camel-Springboot 3.20.1",
"product_id": "RHINT Camel-Springboot 3.20.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_spring_boot:3.20.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37533",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169924"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Net\u0027s FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about services running on the private network of the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-net: FTP client trusts the host from PASV response by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37533"
},
{
"category": "external",
"summary": "RHBZ#2169924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169924"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37533"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-net: FTP client trusts the host from PASV response by default"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31777",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145264"
}
],
"notes": [
{
"category": "description",
"text": "A stored cross-site scripting (XSS) flaw was found in Apache Spark. This issue allows an attacker to execute arbitrary JavaScript in the web browser of a user, including a malicious payload into the logs which are returned in logs rendered in the UI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-spark: XSS vulnerability in log viewer UI Javascript",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31777"
},
{
"category": "external",
"summary": "RHBZ#2145264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145264"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31777"
}
],
"release_date": "2022-11-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-spark: XSS vulnerability in log viewer UI Javascript"
},
{
"cve": "CVE-2022-33681",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Pulsar Java Client. This flaw allows an attacker to use a Man-in-the-Middle (MITM) attack, manipulating network traffic and gaining the client\u0027s authentication data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33681"
},
{
"category": "external",
"summary": "RHBZ#2136207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33681",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33681"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM"
},
{
"cve": "CVE-2022-37865",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182188"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious used to have unwanted access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-ivy: Directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although the CVSS states High according to NIST, due to the nature of this flaw, considering it\u0027s an optional attribute and there must be restrictions in other layers to prevent attacks, this flaw is taken as a Moderate following the Medium impact from Apache.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37865"
},
{
"category": "external",
"summary": "RHBZ#2182188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182188"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37865"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37865",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37865"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/gqvvv7qsm2dfjg6xzsw1s2h08tbr0sdy",
"url": "https://lists.apache.org/thread/gqvvv7qsm2dfjg6xzsw1s2h08tbr0sdy"
}
],
"release_date": "2022-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-ivy: Directory Traversal"
},
{
"cve": "CVE-2022-37866",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150011"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Ivy. This may allow an attacker to place artifacts inside and outside of Ivy\u0027s repository and overwrite artifacts that the user will use later.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Ivy: Ivy Path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37866"
},
{
"category": "external",
"summary": "RHBZ#2150011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150011"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37866"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37866",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37866"
}
],
"release_date": "2022-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Ivy: Ivy Path traversal"
},
{
"cve": "CVE-2022-38398",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155292"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38398"
},
{
"category": "external",
"summary": "RHBZ#2155292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38398",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38398"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38398",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38398"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903462",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903462"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1331",
"url": "https://issues.apache.org/jira/browse/BATIK-1331"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/712c9xwtmyghyokzrm2ml6sps4xlmbsx",
"url": "https://lists.apache.org/thread/712c9xwtmyghyokzrm2ml6sps4xlmbsx"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery"
},
{
"cve": "CVE-2022-38648",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155295"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38648"
},
{
"category": "external",
"summary": "RHBZ#2155295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38648"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903625",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903625"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1333",
"url": "https://issues.apache.org/jira/browse/BATIK-1333"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/gfsktxvj7jtwyovmhhbrw0bs13wfjd7b",
"url": "https://lists.apache.org/thread/gfsktxvj7jtwyovmhhbrw0bs13wfjd7b"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-39368",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145205"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Californium Scandium package. This issue occurs when failing handshakes don\u0027t clean up counters for throttling, causing the threshold to be reached without being released again, resulting in a denial of service. An attacker could submit a high quantity of server requests, leaving the server unable to respond.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "scandium: Failing DTLS handshakes may cause throttling to block processing of records",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-39368"
},
{
"category": "external",
"summary": "RHBZ#2145205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-39368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39368"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39368",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39368"
},
{
"category": "external",
"summary": "https://github.com/eclipse-californium/californium/security/advisories/GHSA-p72g-cgh9-ghjgc",
"url": "https://github.com/eclipse-californium/californium/security/advisories/GHSA-p72g-cgh9-ghjgc"
}
],
"release_date": "2022-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "scandium: Failing DTLS handshakes may cause throttling to block processing of records"
},
{
"cve": "CVE-2022-40146",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155291"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery (SSRF) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40146"
},
{
"category": "external",
"summary": "RHBZ#2155291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40146",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40146"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903910",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903910"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1335",
"url": "https://issues.apache.org/jira/browse/BATIK-1335"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/hxtddqjty2sbs12y97c8g7xfh17jzxsx",
"url": "https://lists.apache.org/thread/hxtddqjty2sbs12y97c8g7xfh17jzxsx"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery (SSRF) vulnerability"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40151",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134292"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40151"
},
{
"category": "external",
"summary": "RHBZ#2134292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40151",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40156",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134288"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40156"
},
{
"category": "external",
"summary": "RHBZ#2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-41704",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Batik.\u00a0This issue may allow a malicious user to run untrusted Java code from an SVG.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Apache XML Graphics Batik vulnerable to code execution via SVG",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41704"
},
{
"category": "external",
"summary": "RHBZ#2182182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41704"
}
],
"release_date": "2022-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Apache XML Graphics Batik vulnerable to code execution via SVG"
},
{
"cve": "CVE-2022-41852",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136128"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Commons JXPath package. This flaw allows an attacker to use the interpreter to execute untrusted expressions and a remote code attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JXPath: untrusted XPath expressions may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41852"
},
{
"category": "external",
"summary": "RHBZ#2136128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41852"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JXPath: untrusted XPath expressions may lead to RCE attack"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-41966",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 ships an affected version of XStream. No endpoint in any flavor of Fuse is accepting by default an unverified input stream passed directly to XStream unmarshaller. Documentation always recommend all the endpoints (TCP/UDP/HTTP(S)/other listeners) to have at least one layer of authentication/authorization and Fuse in general itself in particular has a lot of mechanisms to protect the endpoints.\n\nRed Hat Single Sign-On contains XStream as a transitive dependency from Infinispan and the same is not affected as NO_REFERENCE is in use.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41966"
},
{
"category": "external",
"summary": "RHBZ#2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv"
}
],
"release_date": "2022-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42890",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182183"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Batik of Apache XML Graphics. This issue may allow a malicious user to run Java code from untrusted SVG via JavaScript.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Untrusted code execution in Apache XML Graphics Batik",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42890"
},
{
"category": "external",
"summary": "RHBZ#2182183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182183"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42890"
}
],
"release_date": "2022-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Untrusted code execution in Apache XML Graphics Batik"
},
{
"cve": "CVE-2023-1370",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-04-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2188542"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1370"
},
{
"category": "external",
"summary": "RHBZ#2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
"url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
"url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
},
{
"cve": "CVE-2023-1436",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-03-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: Uncontrolled Recursion in JSONArray",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1436"
},
{
"category": "external",
"summary": "RHBZ#2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/",
"url": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: Uncontrolled Recursion in JSONArray"
},
{
"cve": "CVE-2023-20860",
"cwe": {
"id": "CWE-155",
"name": "Improper Neutralization of Wildcards or Matching Symbols"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20860"
},
{
"category": "external",
"summary": "RHBZ#2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern"
},
{
"cve": "CVE-2023-20861",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20861"
},
{
"category": "external",
"summary": "RHBZ#2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-20863",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187742"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. Certain versions of Spring Framework\u0027s Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20863"
},
{
"category": "external",
"summary": "RHBZ#2187742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187742"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20863"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2023-20863",
"url": "https://spring.io/security/cve-2023-20863"
}
],
"release_date": "2023-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-22602",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182198"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Shiro. This issue may allow a malicious user to send a specially crafted HTTP request that could cause an authentication bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shiro: Authentication bypass through a specially crafted HTTP request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22602"
},
{
"category": "external",
"summary": "RHBZ#2182198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182198"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22602"
}
],
"release_date": "2023-01-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "shiro: Authentication bypass through a specially crafted HTTP request"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172298"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service.\r\n\r\nWhile Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "FileUpload: FileUpload DoS with excessive parts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24998"
},
{
"category": "external",
"summary": "RHBZ#2172298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5",
"url": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5"
}
],
"release_date": "2023-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "FileUpload: FileUpload DoS with excessive parts"
}
]
}
RHSA-2023:0560
Vulnerability from csaf_redhat - Published: 2023-02-08 18:41 - Updated: 2026-04-01 18:42Summary
Red Hat Security Advisory: OpenShift Container Platform 4.10.51 security update
Severity
Critical
Notes
Topic: Red Hat OpenShift Container Platform release 4.10.51 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Security Fix(es):
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins
Script Security Plugin (CVE-2022-43401)
* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline:
Groovy Plugin (CVE-2022-43402)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins
Script Security Plugin (CVE-2022-43403)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins
Script Security Plugin (CVE-2022-43404)
* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in
Pipeline: Groovy Libraries Plugin (CVE-2022-43405)
* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in
Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)
* google-oauth-client: missing PKCE support in accordance with the RFC for
OAuth 2.0 for Native Apps can lead to improper authorization
(CVE-2020-7692)
* snakeyaml: Denial of Service due to missing nested depth limitation for
collections (CVE-2022-25857)
* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be
bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)
* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jenkins-plugin/script-security: Whole-script approval in Script Security
Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)
* jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin
(CVE-2022-45380)
* jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability
in Pipeline Utility Steps Plugin (CVE-2022-45381)
* Jenkins plugin: CSRF vulnerability in Script Security Plugin
(CVE-2022-30946)
* Jenkins plugin: User-scoped credentials exposed to other users by
Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)
* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)
* Jenkins plugin: missing permission checks in Blue Ocean Plugin
(CVE-2022-30954)
* jenkins-plugin: Cross-site Request Forgery (CSRF) in
org.jenkins-ci.plugins:git (CVE-2022-36882)
* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook
(CVE-2022-36883)
* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook
(CVE-2022-36884)
* jenkins plugin: Non-constant time webhook signature comparison in GitHub
Plugin (CVE-2022-36885)
* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be
bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)
* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline:
Supporting APIs Plugin (CVE-2022-43409)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.
7.4 (High)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
4.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
8.8 (High)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
5.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.
5.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.
8.8 (High)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.
5.7 (Medium)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.
5.4 (Medium)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.
8.0 (High)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.
8.0 (High)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
A flaw was found in the Pipeline Utility Steps Jenkins Plugin. The affected version of the Pipeline Utility Steps Plugin does not restrict the set of enabled prefix interpolators and bundles versions of this library that enable the file: prefix interpolator by default. This flaw allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system.
8.1 (High)
Vendor Fix
For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:0560
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.10.51 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nSecurity Fix(es):\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins\nScript Security Plugin (CVE-2022-43401)\n* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline:\nGroovy Plugin (CVE-2022-43402)\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins\nScript Security Plugin (CVE-2022-43403)\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins\nScript Security Plugin (CVE-2022-43404)\n* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in\nPipeline: Groovy Libraries Plugin (CVE-2022-43405)\n* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in\nPipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)\n* google-oauth-client: missing PKCE support in accordance with the RFC for\nOAuth 2.0 for Native Apps can lead to improper authorization\n(CVE-2020-7692)\n* snakeyaml: Denial of Service due to missing nested depth limitation for\ncollections (CVE-2022-25857)\n* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be\nbypassed in Pipeline: Input Step Plugin (CVE-2022-43407)\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jenkins-plugin/script-security: Whole-script approval in Script Security\nPlugin vulnerable to SHA-1 collisions (CVE-2022-45379)\n* jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin\n(CVE-2022-45380)\n* jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability\nin Pipeline Utility Steps Plugin (CVE-2022-45381)\n* Jenkins plugin: CSRF vulnerability in Script Security Plugin\n(CVE-2022-30946)\n* Jenkins plugin: User-scoped credentials exposed to other users by\nPipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)\n* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)\n* Jenkins plugin: missing permission checks in Blue Ocean Plugin\n(CVE-2022-30954)\n* jenkins-plugin: Cross-site Request Forgery (CSRF) in\norg.jenkins-ci.plugins:git (CVE-2022-36882)\n* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook\n(CVE-2022-36883)\n* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook\n(CVE-2022-36884)\n* jenkins plugin: Non-constant time webhook signature comparison in GitHub\nPlugin (CVE-2022-36885)\n* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be\nbypassed in Pipeline: Stage View Plugin (CVE-2022-43408)\n* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline:\nSupporting APIs Plugin (CVE-2022-43409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0560",
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "2116840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116840"
},
{
"category": "external",
"summary": "2119643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119643"
},
{
"category": "external",
"summary": "2119645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119645"
},
{
"category": "external",
"summary": "2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "2119656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119656"
},
{
"category": "external",
"summary": "2119657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119657"
},
{
"category": "external",
"summary": "2119658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119658"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "2143086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143086"
},
{
"category": "external",
"summary": "2143089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143089"
},
{
"category": "external",
"summary": "2143090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143090"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0560.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.10.51 security update",
"tracking": {
"current_release_date": "2026-04-01T18:42:59+00:00",
"generator": {
"date": "2026-04-01T18:42:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:0560",
"initial_release_date": "2023-02-08T18:41:32+00:00",
"revision_history": [
{
"date": "2023-02-08T18:41:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-08T18:41:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:42:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.10::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"product": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"product_id": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-5.rhaos4.10.gitd9dec98.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"product": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"product_id": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.10.1675144701-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.10.1675144701-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.10.1675144701-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.10.1675144701-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"product": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"product_id": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-5.rhaos4.10.gitd9dec98.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"product_id": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-5.rhaos4.10.gitd9dec98.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product_id": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product_id": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product": {
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product_id": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product_id": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product_id": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product_id": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product_id": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.23.5-5.rhaos4.10.gitd9dec98.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.10.1675144701-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src"
},
"product_reference": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64"
},
"product_reference": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64"
},
"product_reference": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le"
},
"product_reference": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x"
},
"product_reference": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src"
},
"product_reference": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
},
"product_reference": "cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64"
},
"product_reference": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.10.1675144701-1.el8.src as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.10.1675144701-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7692",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2020-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856376"
}
],
"notes": [
{
"category": "description",
"text": "PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7692"
},
{
"category": "external",
"summary": "RHBZ#1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7692"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692"
}
],
"release_date": "2020-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-30946",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119643"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30946"
},
{
"category": "external",
"summary": "RHBZ#2119643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30946"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2022-30952",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119645"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30952"
},
{
"category": "external",
"summary": "RHBZ#2119645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30952",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30952"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30953",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119646"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30953"
},
{
"category": "external",
"summary": "RHBZ#2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30953"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30954",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119647"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: missing permission checks in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30954"
},
{
"category": "external",
"summary": "RHBZ#2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30954",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: missing permission checks in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-36882",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116840"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36882"
},
{
"category": "external",
"summary": "RHBZ#2116840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116840"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36882"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git"
},
{
"cve": "CVE-2022-36883",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119656"
}
],
"notes": [
{
"category": "description",
"text": "A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Lack of authentication mechanism in Git Plugin webhook",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36883"
},
{
"category": "external",
"summary": "RHBZ#2119656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36883"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Lack of authentication mechanism in Git Plugin webhook"
},
{
"cve": "CVE-2022-36884",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119657"
}
],
"notes": [
{
"category": "description",
"text": "The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Lack of authentication mechanism in Git Plugin webhook",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36884"
},
{
"category": "external",
"summary": "RHBZ#2119657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119657"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36884"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Lack of authentication mechanism in Git Plugin webhook"
},
{
"cve": "CVE-2022-36885",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119658"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Non-constant time webhook signature comparison in GitHub Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36885"
},
{
"category": "external",
"summary": "RHBZ#2119658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36885"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Non-constant time webhook signature comparison in GitHub Plugin"
},
{
"cve": "CVE-2022-43401",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136381"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43401"
},
{
"category": "external",
"summary": "RHBZ#2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43402",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136379"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43402"
},
{
"category": "external",
"summary": "RHBZ#2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin"
},
{
"cve": "CVE-2022-43403",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136382"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43403"
},
{
"category": "external",
"summary": "RHBZ#2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43404",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136383"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43404"
},
{
"category": "external",
"summary": "RHBZ#2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43405",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136374"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43405"
},
{
"category": "external",
"summary": "RHBZ#2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43406",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136370"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43406"
},
{
"category": "external",
"summary": "RHBZ#2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43407",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136386"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43407"
},
{
"category": "external",
"summary": "RHBZ#2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin"
},
{
"cve": "CVE-2022-43408",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136388"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43408"
},
{
"category": "external",
"summary": "RHBZ#2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin"
},
{
"cve": "CVE-2022-43409",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136391"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43409"
},
{
"category": "external",
"summary": "RHBZ#2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45379",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143090"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45379"
},
{
"category": "external",
"summary": "RHBZ#2143090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143090"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions"
},
{
"cve": "CVE-2022-45380",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143086"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45380"
},
{
"category": "external",
"summary": "RHBZ#2143086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143086"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45380",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45380"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45380",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45380"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2022-45381",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Pipeline Utility Steps Jenkins Plugin. The affected version of the Pipeline Utility Steps Plugin does not restrict the set of enabled prefix interpolators and bundles versions of this library that enable the file: prefix interpolator by default. This flaw allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence the OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45381"
},
{
"category": "external",
"summary": "RHBZ#2143089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45381"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45381",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45381"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-08T18:41:32+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.src",
"7Server-RH7-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"7Server-RH7-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el7.x86_64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.src",
"8Base-RHOSE-4.10:cri-o-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debuginfo-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.aarch64",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.ppc64le",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.s390x",
"8Base-RHOSE-4.10:cri-o-debugsource-0:1.23.5-5.rhaos4.10.gitd9dec98.el8.x86_64",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.noarch",
"8Base-RHOSE-4.10:jenkins-2-plugins-0:4.10.1675144701-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin"
}
]
}
RHSA-2022:8876
Vulnerability from csaf_redhat - Published: 2022-12-07 08:19 - Updated: 2026-04-01 18:38Summary
Red Hat Security Advisory: Red Hat AMQ Broker 7.10.2 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Broker 7.10.2 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.
This release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections
* (CVE-2022-42003) jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* (CVE-2022-42004) jackson-databind: use of deeply nested arrays
* (CVE-2022-42889) apache-commons-text: variable interpolation RCE
* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode
* (CVE-2022-38750) snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject
* (CVE-2022-38751) snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Broker 7.10.2 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.\n\nThis release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections\n* (CVE-2022-42003) jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n* (CVE-2022-42004) jackson-databind: use of deeply nested arrays\n* (CVE-2022-42889) apache-commons-text: variable interpolation RCE\n* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode\n* (CVE-2022-38750) snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject\n* (CVE-2022-38751) snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8876",
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.10.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.10.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8876.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.10.2 release and security update",
"tracking": {
"current_release_date": "2026-04-01T18:38:34+00:00",
"generator": {
"date": "2026-04-01T18:38:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:8876",
"initial_release_date": "2022-12-07T08:19:44+00:00",
"revision_history": [
{
"date": "2022-12-07T08:19:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-07T08:19:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:38:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Broker 7",
"product": {
"name": "Red Hat AMQ Broker 7",
"product_id": "Red Hat AMQ Broker 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_broker:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat AMQ Broker 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2024_0777
Vulnerability from csaf_redhat - Published: 2024-02-12 10:27 - Updated: 2024-12-18 05:01Summary
Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
Severity
Important
Notes
Topic: An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.14.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)
* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts (CVE-2023-40336)
* guava: insecure temporary directory creation (CVE-2023-2976)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
* jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)
* Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)
* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)
* jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)
* jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin (CVE-2023-40339)
* jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials (CVE-2023-40341)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
jackson-databind should not be used to deserialize untrusted inputs. User inputs should be validated and sanitized before processing.
A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain administrator access to Jenkins.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
A flaw was found in the Jenkins Folders Plugin. Affected versions of this plugin allow attackers to copy folders.
8.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin allow attackers to copy a view inside a folder.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the Config File Provider Jenkins Plugin. Affected versions of this plugin do not mask (replace with asterisks) credentials specified in configuration files when they're written to the build log.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0777
Workaround
Users are strongly urged to update their software as soon as fixes are available.
There are several mitigation approaches for this flaw.
1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.
2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.
3. Several package specific mitigations are also available.
a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.14.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)\n\n* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts (CVE-2023-40336)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)\n\n* Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)\n\n* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)\n\n* jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)\n\n* jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin (CVE-2023-40339)\n\n* jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials (CVE-2023-40341)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0777",
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2215214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
},
{
"category": "external",
"summary": "2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "2222709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222709"
},
{
"category": "external",
"summary": "2222710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222710"
},
{
"category": "external",
"summary": "2232422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232422"
},
{
"category": "external",
"summary": "2232423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232423"
},
{
"category": "external",
"summary": "2232424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232424"
},
{
"category": "external",
"summary": "2232425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232425"
},
{
"category": "external",
"summary": "2232426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232426"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "JKNS-271",
"url": "https://issues.redhat.com/browse/JKNS-271"
},
{
"category": "external",
"summary": "JKNS-289",
"url": "https://issues.redhat.com/browse/JKNS-289"
},
{
"category": "external",
"summary": "JKNS-337",
"url": "https://issues.redhat.com/browse/JKNS-337"
},
{
"category": "external",
"summary": "JKNS-344",
"url": "https://issues.redhat.com/browse/JKNS-344"
},
{
"category": "external",
"summary": "JKNS-345",
"url": "https://issues.redhat.com/browse/JKNS-345"
},
{
"category": "external",
"summary": "OCPBUGS-11158",
"url": "https://issues.redhat.com/browse/OCPBUGS-11158"
},
{
"category": "external",
"summary": "OCPBUGS-11253",
"url": "https://issues.redhat.com/browse/OCPBUGS-11253"
},
{
"category": "external",
"summary": "OCPBUGS-11254",
"url": "https://issues.redhat.com/browse/OCPBUGS-11254"
},
{
"category": "external",
"summary": "OCPBUGS-11446",
"url": "https://issues.redhat.com/browse/OCPBUGS-11446"
},
{
"category": "external",
"summary": "OCPBUGS-1357",
"url": "https://issues.redhat.com/browse/OCPBUGS-1357"
},
{
"category": "external",
"summary": "OCPBUGS-13869",
"url": "https://issues.redhat.com/browse/OCPBUGS-13869"
},
{
"category": "external",
"summary": "OCPBUGS-14111",
"url": "https://issues.redhat.com/browse/OCPBUGS-14111"
},
{
"category": "external",
"summary": "OCPBUGS-14609",
"url": "https://issues.redhat.com/browse/OCPBUGS-14609"
},
{
"category": "external",
"summary": "OCPBUGS-15646",
"url": "https://issues.redhat.com/browse/OCPBUGS-15646"
},
{
"category": "external",
"summary": "OCPBUGS-15902",
"url": "https://issues.redhat.com/browse/OCPBUGS-15902"
},
{
"category": "external",
"summary": "OCPBUGS-1709",
"url": "https://issues.redhat.com/browse/OCPBUGS-1709"
},
{
"category": "external",
"summary": "OCPBUGS-1942",
"url": "https://issues.redhat.com/browse/OCPBUGS-1942"
},
{
"category": "external",
"summary": "OCPBUGS-2099",
"url": "https://issues.redhat.com/browse/OCPBUGS-2099"
},
{
"category": "external",
"summary": "OCPBUGS-2184",
"url": "https://issues.redhat.com/browse/OCPBUGS-2184"
},
{
"category": "external",
"summary": "OCPBUGS-2318",
"url": "https://issues.redhat.com/browse/OCPBUGS-2318"
},
{
"category": "external",
"summary": "OCPBUGS-23438",
"url": "https://issues.redhat.com/browse/OCPBUGS-23438"
},
{
"category": "external",
"summary": "OCPBUGS-27388",
"url": "https://issues.redhat.com/browse/OCPBUGS-27388"
},
{
"category": "external",
"summary": "OCPBUGS-655",
"url": "https://issues.redhat.com/browse/OCPBUGS-655"
},
{
"category": "external",
"summary": "OCPBUGS-6579",
"url": "https://issues.redhat.com/browse/OCPBUGS-6579"
},
{
"category": "external",
"summary": "OCPBUGS-6870",
"url": "https://issues.redhat.com/browse/OCPBUGS-6870"
},
{
"category": "external",
"summary": "OCPBUGS-710",
"url": "https://issues.redhat.com/browse/OCPBUGS-710"
},
{
"category": "external",
"summary": "OCPBUGS-8377",
"url": "https://issues.redhat.com/browse/OCPBUGS-8377"
},
{
"category": "external",
"summary": "OCPBUGS-8442",
"url": "https://issues.redhat.com/browse/OCPBUGS-8442"
},
{
"category": "external",
"summary": "OCPTOOLS-244",
"url": "https://issues.redhat.com/browse/OCPTOOLS-244"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0777.json"
}
],
"title": "Red Hat Security Advisory: jenkins and jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2024-12-18T05:01:18+00:00",
"generator": {
"date": "2024-12-18T05:01:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:0777",
"initial_release_date": "2024-02-12T10:27:23+00:00",
"revision_history": [
{
"date": "2024-02-12T10:27:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T10:27:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T05:01:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.14::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1706516441-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706516352-3.el8.src",
"product": {
"name": "jenkins-0:2.426.3.1706516352-3.el8.src",
"product_id": "jenkins-0:2.426.3.1706516352-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706516352-3.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1706516441-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706516352-3.el8.noarch",
"product": {
"name": "jenkins-0:2.426.3.1706516352-3.el8.noarch",
"product_id": "jenkins-0:2.426.3.1706516352-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706516352-3.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706516352-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch"
},
"product_reference": "jenkins-0:2.426.3.1706516352-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706516352-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
},
"product_reference": "jenkins-0:2.426.3.1706516352-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.14.1706516441-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215229"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: insecure temporary directory creation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2976"
},
{
"category": "external",
"summary": "RHBZ#2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: insecure temporary directory creation"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-35116",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215214"
}
],
"notes": [
{
"category": "description",
"text": "jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor\u0027s perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via cylic dependencies",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is disputed by the component developers and is under reconsideration by NIST. As such, it should be excluded from scanning utilities or other compliance systems until the dispute is finalized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-35116"
},
{
"category": "external",
"summary": "RHBZ#2215214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215214"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35116"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "jackson-databind should not be used to deserialize untrusted inputs. User inputs should be validated and sanitized before processing.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via cylic dependencies"
},
{
"cve": "CVE-2023-37946",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain administrator access to Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Session fixation vulnerability in OpenShift Login Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37946"
},
{
"category": "external",
"summary": "RHBZ#2222709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37946"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998",
"url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Jenkins: Session fixation vulnerability in OpenShift Login Plugin"
},
{
"cve": "CVE-2023-37947",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Open redirect vulnerability in OpenShift Login Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37947"
},
{
"category": "external",
"summary": "RHBZ#2222710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37947",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37947"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37947",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37947"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999",
"url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Jenkins: Open redirect vulnerability in OpenShift Login Plugin"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-40336",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232424"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders Plugin. Affected versions of this plugin allow attackers to copy folders.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40336"
},
{
"category": "external",
"summary": "RHBZ#2232424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232424"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40336",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40336"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts"
},
{
"cve": "CVE-2023-40337",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232425"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin allow attackers to copy a view inside a folder.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40337"
},
{
"category": "external",
"summary": "RHBZ#2232425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232425"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40337",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40337"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin"
},
{
"cve": "CVE-2023-40338",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40338"
},
{
"category": "external",
"summary": "RHBZ#2232426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40338"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin"
},
{
"cve": "CVE-2023-40339",
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Config File Provider Jenkins Plugin. Affected versions of this plugin do not mask (replace with asterisks) credentials specified in configuration files when they\u0027re written to the build log.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40339"
},
{
"category": "external",
"summary": "RHBZ#2232423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40339",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40339"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40339",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40339"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin"
},
{
"cve": "CVE-2023-40341",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232422"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40341"
},
{
"category": "external",
"summary": "RHBZ#2232422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40341"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:27:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0777"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.426.3.1706516352-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1706516441-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023:3198
Vulnerability from csaf_redhat - Published: 2023-05-17 17:53 - Updated: 2026-04-01 18:43Summary
Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
Severity
Critical
Notes
Topic: An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)
* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)
* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)
* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)
* maven: Block repositories using http by default (CVE-2021-26291)
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)
* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)
* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)
* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)
* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)
* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
Workaround
To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.
5.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)\n\n* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)\n\n* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)\n\n* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)\n\n* maven: Block repositories using http by default (CVE-2021-26291)\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)\n\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)\n\n* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)\n\n* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)\n\n* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3198",
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.11/cicd/jenkins/important-changes-to-openshift-jenkins-images.html",
"url": "https://docs.openshift.com/container-platform/4.11/cicd/jenkins/important-changes-to-openshift-jenkins-images.html"
},
{
"category": "external",
"summary": "1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3198.json"
}
],
"title": "Red Hat Security Advisory: jenkins and jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2026-04-01T18:43:06+00:00",
"generator": {
"date": "2026-04-01T18:43:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:3198",
"initial_release_date": "2023-05-17T17:53:04+00:00",
"revision_history": [
{
"date": "2023-05-17T17:53:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-17T17:53:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:43:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.11::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.387.1.1683009763-3.el8.src",
"product": {
"name": "jenkins-0:2.387.1.1683009763-3.el8.src",
"product_id": "jenkins-0:2.387.1.1683009763-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.387.1.1683009763-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.387.1.1683009763-3.el8.noarch",
"product": {
"name": "jenkins-0:2.387.1.1683009763-3.el8.noarch",
"product_id": "jenkins-0:2.387.1.1683009763-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.387.1.1683009763-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.387.1.1683009763-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch"
},
"product_reference": "jenkins-0:2.387.1.1683009763-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.387.1.1683009763-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
},
"product_reference": "jenkins-0:2.387.1.1683009763-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26291",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in maven. Repositories that are defined in a dependency\u2019s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven: Block repositories using http by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26291"
},
{
"category": "external",
"summary": "RHBZ#1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26291",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291"
},
{
"category": "external",
"summary": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291",
"url": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291"
}
],
"release_date": "2021-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
},
{
"category": "workaround",
"details": "To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "maven: Block repositories using http by default"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-30953",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119646"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30953"
},
{
"category": "external",
"summary": "RHBZ#2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30953"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30954",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119647"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: missing permission checks in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30954"
},
{
"category": "external",
"summary": "RHBZ#2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30954",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: missing permission checks in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2022-43401",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136381"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43401"
},
{
"category": "external",
"summary": "RHBZ#2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43402",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136379"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43402"
},
{
"category": "external",
"summary": "RHBZ#2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin"
},
{
"cve": "CVE-2022-43403",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136382"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43403"
},
{
"category": "external",
"summary": "RHBZ#2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43404",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136383"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43404"
},
{
"category": "external",
"summary": "RHBZ#2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43405",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136374"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43405"
},
{
"category": "external",
"summary": "RHBZ#2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43406",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136370"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43406"
},
{
"category": "external",
"summary": "RHBZ#2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43407",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136386"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43407"
},
{
"category": "external",
"summary": "RHBZ#2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin"
},
{
"cve": "CVE-2022-43408",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136388"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43408"
},
{
"category": "external",
"summary": "RHBZ#2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin"
},
{
"cve": "CVE-2022-43409",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136391"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43409"
},
{
"category": "external",
"summary": "RHBZ#2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-27903",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI\u2019s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary file parameter created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27903"
},
{
"category": "external",
"summary": "RHBZ#2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Temporary file parameter created with insecure permissions"
},
{
"cve": "CVE-2023-27904",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Information disclosure through error stack traces related to agents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27904"
},
{
"category": "external",
"summary": "RHBZ#2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Information disclosure through error stack traces related to agents"
}
]
}
RHSA-2023_7288
Vulnerability from csaf_redhat - Published: 2023-11-16 05:58 - Updated: 2024-12-18 04:56Summary
Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
Workaround
The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
Workaround
Users are strongly urged to update their software as soon as fixes are available.
There are several mitigation approaches for this flaw.
1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.
2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.
3. Several package specific mitigations are also available.
a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. \n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7288",
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7288.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update",
"tracking": {
"current_release_date": "2024-12-18T04:56:03+00:00",
"generator": {
"date": "2024-12-18T04:56:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7288",
"initial_release_date": "2023-11-16T05:58:26+00:00",
"revision_history": [
{
"date": "2023-11-16T05:58:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-16T05:58:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:56:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.14::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product_id": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1699356615-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1699356715-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product_id": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1699356615-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1699356715-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch"
},
"product_reference": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
},
"product_reference": "jenkins-0:2.414.3.1699356615-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2022_6820
Vulnerability from csaf_redhat - Published: 2022-10-06 07:40 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: prometheus-jmx-exporter security update
Severity
Moderate
Notes
Topic: An update for prometheus-jmx-exporter is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[Updated 20th October 2022]
The product listing in this erratum has been updated to include missing openjdk8 and openjdk17 sub-packages for Red Hat Enterprise Linux 8.
Details: Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target.
Security Fix(es):
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6820
References
| URL | Category | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for prometheus-jmx-exporter is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[Updated 20th October 2022]\nThe product listing in this erratum has been updated to include missing openjdk8 and openjdk17 sub-packages for Red Hat Enterprise Linux 8.",
"title": "Topic"
},
{
"category": "general",
"text": "Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target.\n\nSecurity Fix(es):\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6820",
"url": "https://access.redhat.com/errata/RHSA-2022:6820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6820.json"
}
],
"title": "Red Hat Security Advisory: prometheus-jmx-exporter security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:52+00:00",
"generator": {
"date": "2024-12-16T16:05:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6820",
"initial_release_date": "2022-10-06T07:40:42+00:00",
"revision_history": [
{
"date": "2022-10-06T07:40:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-20T13:11:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"product": {
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"product_id": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-8.el8_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"product": {
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"product_id": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter@0.12.0-8.el8_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"product": {
"name": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"product_id": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter-openjdk11@0.12.0-8.el8_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"product": {
"name": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"product_id": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter-openjdk17@0.12.0-8.el8_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch",
"product": {
"name": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch",
"product_id": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-jmx-exporter-openjdk8@0.12.0-8.el8_6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch"
},
"product_reference": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.src"
},
"product_reference": "prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch"
},
"product_reference": "prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch"
},
"product_reference": "prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch"
},
"product_reference": "prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T07:40:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6820"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-0:0.12.0-8.el8_6.src",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk11-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk17-0:0.12.0-8.el8_6.noarch",
"AppStream-8.6.0.Z.MAIN.EUS:prometheus-jmx-exporter-openjdk8-0:0.12.0-8.el8_6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2022_8524
Vulnerability from csaf_redhat - Published: 2022-11-17 13:40 - Updated: 2024-12-16 16:06Summary
Red Hat Security Advisory: Red Hat Data Grid 8.4.0 security update
Severity
Important
Notes
Topic: An update for Red Hat Data Grid 8 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.4.0 replaces Data Grid 8.3.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.4.0 in the Release Notes[3].
Security Fix(es):
* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* netty: world readable temporary file containing sensitive data (CVE-2022-24823)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as "Authorization," "WWW-Authenticate," and "Cookie" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.
6.1 (Medium)
Vendor Fix
To install this update, do the following:
1. Download the Data Grid 8.4.0 Server patch from the customer portal[²].
2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
3. Install the Data Grid 8.4.0 Server patch.
4. Restart Data Grid to ensure the changes take effect.
For more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[³]
https://access.redhat.com/errata/RHSA-2022:8524
A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.
6.1 (Medium)
Vendor Fix
To install this update, do the following:
1. Download the Data Grid 8.4.0 Server patch from the customer portal[²].
2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
3. Install the Data Grid 8.4.0 Server patch.
4. Restart Data Grid to ensure the changes take effect.
For more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[³]
https://access.redhat.com/errata/RHSA-2022:8524
CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled.
5.5 (Medium)
Vendor Fix
To install this update, do the following:
1. Download the Data Grid 8.4.0 Server patch from the customer portal[²].
2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
3. Install the Data Grid 8.4.0 Server patch.
4. Restart Data Grid to ensure the changes take effect.
For more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[³]
https://access.redhat.com/errata/RHSA-2022:8524
Workaround
As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
To install this update, do the following:
1. Download the Data Grid 8.4.0 Server patch from the customer portal[²].
2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
3. Install the Data Grid 8.4.0 Server patch.
4. Restart Data Grid to ensure the changes take effect.
For more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[³]
https://access.redhat.com/errata/RHSA-2022:8524
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
To install this update, do the following:
1. Download the Data Grid 8.4.0 Server patch from the customer portal[²].
2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
3. Install the Data Grid 8.4.0 Server patch.
4. Restart Data Grid to ensure the changes take effect.
For more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[³]
https://access.redhat.com/errata/RHSA-2022:8524
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
To install this update, do the following:
1. Download the Data Grid 8.4.0 Server patch from the customer portal[²].
2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
3. Install the Data Grid 8.4.0 Server patch.
4. Restart Data Grid to ensure the changes take effect.
For more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[³]
https://access.redhat.com/errata/RHSA-2022:8524
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
To install this update, do the following:
1. Download the Data Grid 8.4.0 Server patch from the customer portal[²].
2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
3. Install the Data Grid 8.4.0 Server patch.
4. Restart Data Grid to ensure the changes take effect.
For more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[³]
https://access.redhat.com/errata/RHSA-2022:8524
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
To install this update, do the following:
1. Download the Data Grid 8.4.0 Server patch from the customer portal[²].
2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
3. Install the Data Grid 8.4.0 Server patch.
4. Restart Data Grid to ensure the changes take effect.
For more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[³]
https://access.redhat.com/errata/RHSA-2022:8524
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid 8 is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.4.0 replaces Data Grid 8.3.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.4.0 in the Release Notes[3].\n\nSecurity Fix(es):\n\n* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* netty: world readable temporary file containing sensitive data (CVE-2022-24823)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8524",
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=8.4\u0026downloadType=patches",
"url": "https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=8.4\u0026downloadType=patches"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.4/html-single/red_hat_data_grid_8.4_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.4/html-single/red_hat_data_grid_8.4_release_notes/index"
},
{
"category": "external",
"summary": "2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "2056643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056643"
},
{
"category": "external",
"summary": "2087186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087186"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8524.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 8.4.0 security update",
"tracking": {
"current_release_date": "2024-12-16T16:06:18+00:00",
"generator": {
"date": "2024-12-16T16:06:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:8524",
"initial_release_date": "2022-11-17T13:40:01+00:00",
"revision_history": [
{
"date": "2022-11-17T13:40:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-17T13:40:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:06:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid 8.4.0",
"product": {
"name": "Red Hat Data Grid 8.4.0",
"product_id": "Red Hat Data Grid 8.4.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-0235",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044591"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-fetch: exposure of sensitive information to an unauthorized actor",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0235"
},
{
"category": "external",
"summary": "RHBZ#2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",
"url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-17T13:40:01+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.0 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.0 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "node-fetch: exposure of sensitive information to an unauthorized actor"
},
{
"cve": "CVE-2022-23647",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-02-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2056643"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "prismjs: improperly escaped output allows a XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Prism as shipped with all versions of Red Hat Ceph Storage, Red Hat Migration Toolkit for Virtualization, Red Hat OpenShift Container Platform, Red Hat OpenShift Service Mesh, Red Hat Advanced Cluster Security, and Red Hat Gluster Storage. However, this flaw is not known to be exploitable under any supported scenario, as websites that do not use the Command Line plugin are also not impacted. The above products do not use the Command Line plugin, thus, are marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23647"
},
{
"category": "external",
"summary": "RHBZ#2056643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23647"
},
{
"category": "external",
"summary": "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99",
"url": "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99"
}
],
"release_date": "2022-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-17T13:40:01+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.0 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.0 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "prismjs: improperly escaped output allows a XSS"
},
{
"cve": "CVE-2022-24823",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2022-05-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087186"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: world readable temporary file containing sensitive data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users.\n\nRed Hat Satellite 6 is not affected as is using netty 3.6.7 version which is not impacted by this vulnerability.\n\nRed Hat Fuse 7 is now in Maintenance Support Phase and should be fixed soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24823"
},
{
"category": "external",
"summary": "RHBZ#2087186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087186"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823"
}
],
"release_date": "2022-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-17T13:40:01+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.0 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.0 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
},
{
"category": "workaround",
"details": "As a workaround, specify one\u0027s own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.",
"product_ids": [
"Red Hat Data Grid 8.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: world readable temporary file containing sensitive data"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-17T13:40:01+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.0 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.0 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-17T13:40:01+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.0 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.0 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-17T13:40:01+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.0 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.0 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-17T13:40:01+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.0 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.0 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-17T13:40:01+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.0 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.0 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.0, refer to the 8.4.0 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8524"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
}
]
}
RHSA-2023_1044
Vulnerability from csaf_redhat - Published: 2023-03-01 21:45 - Updated: 2024-12-18 00:38Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8
Severity
Important
Notes
Topic: New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in jQuery. HTML containing \<option\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
CWE-20 - Improper Input Validation
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.
4.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
usd AG
Marcus Nilsson
SISOFT s.c.
Grzegorz Tworek
Trifork
Peter Flintholm
https://github.com/souravs17031999
Sourav Kumar
A1 Digital
Jordi Zayuelas i Muñoz
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1044",
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1044.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8",
"tracking": {
"current_release_date": "2024-12-18T00:38:15+00:00",
"generator": {
"date": "2024-12-18T00:38:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1044",
"initial_release_date": "2023-03-01T21:45:12+00:00",
"revision_history": [
{
"date": "2023-03-01T21:45:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:45:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T00:38:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el8sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el8sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el8sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"relates_to_product_reference": "8Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"relates_to_product_reference": "8Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"relates_to_product_reference": "8Base-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2022_6757
Vulnerability from csaf_redhat - Published: 2022-10-05 14:50 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details: This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* graphql-java: DoS by malicious query (CVE-2022-37734)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6757",
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.3.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.3.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6757.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:35+00:00",
"generator": {
"date": "2024-12-16T16:05:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6757",
"initial_release_date": "2022-10-05T14:50:01+00:00",
"revision_history": [
{
"date": "2022-10-05T14:50:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-05T14:50:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Eclipse Vert.x 4.3.3",
"product": {
"name": "Red Hat build of Eclipse Vert.x 4.3.3",
"product_id": "Red Hat build of Eclipse Vert.x 4.3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-37734",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql-java: DoS by malicious query",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37734"
},
{
"category": "external",
"summary": "RHBZ#2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "graphql-java: DoS by malicious query"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
}
]
}
RHSA-2022_6941
Vulnerability from csaf_redhat - Published: 2022-10-13 11:14 - Updated: 2024-12-16 16:06Summary
Red Hat Security Advisory: Red Hat build of Quarkus Platform 2.7.6.SP1 and security update
Severity
Important
Notes
Topic: An update is now available for the Red Hat build of Quarkus Platform.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details: This release of Red Hat build of Quarkus 2.7.6.SP1 (Service Pack 1) includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6941
References
| URL | Category | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Quarkus Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 2.7.6.SP1 (Service Pack 1) includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6941",
"url": "https://access.redhat.com/errata/RHSA-2022:6941"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/4966181",
"url": "https://access.redhat.com/articles/4966181"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.7.6.SP1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.7.6.SP1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.7",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.7"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6941.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus Platform 2.7.6.SP1 and security update",
"tracking": {
"current_release_date": "2024-12-16T16:06:10+00:00",
"generator": {
"date": "2024-12-16T16:06:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6941",
"initial_release_date": "2022-10-13T11:14:22+00:00",
"revision_history": [
{
"date": "2022-10-13T11:14:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-13T11:14:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:06:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus Platform 2.7.6.SP1",
"product": {
"name": "Red Hat build of Quarkus Platform 2.7.6.SP1",
"product_id": "Red Hat build of Quarkus Platform 2.7.6.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus Platform 2.7.6.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-13T11:14:22+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Quarkus Platform 2.7.6.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6941"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus Platform 2.7.6.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2023_1049
Vulnerability from csaf_redhat - Published: 2023-03-01 21:58 - Updated: 2024-12-18 00:38Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
* Keycloak Node.js Adapter: Open redirect vulnerability in checkSSO (CVE-2022-2237)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in jQuery. HTML containing \<option\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
CWE-20 - Improper Input Validation
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.
4.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1049
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
usd AG
Marcus Nilsson
SISOFT s.c.
Grzegorz Tworek
NETAŞ PENTEST TEAM
Aytaç Kalıncı
Ilker Bulgurcu
Yasin Yılmaz
Trifork
Peter Flintholm
https://github.com/souravs17031999
Sourav Kumar
A1 Digital
Jordi Zayuelas i Muñoz
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n* Keycloak Node.js Adapter: Open redirect vulnerability in checkSSO (CVE-2022-2237)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1049",
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2097007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097007"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1049.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update",
"tracking": {
"current_release_date": "2024-12-18T00:38:25+00:00",
"generator": {
"date": "2024-12-18T00:38:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1049",
"initial_release_date": "2023-03-01T21:58:17+00:00",
"revision_history": [
{
"date": "2023-03-01T21:58:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:58:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T00:38:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7",
"product": {
"name": "Red Hat Single Sign-On 7",
"product_id": "Red Hat Single Sign-On 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"acknowledgments": [
{
"names": [
"Ayta\u00e7 Kal\u0131nc\u0131",
"Ilker Bulgurcu",
"Yasin Y\u0131lmaz"
],
"organization": "NETA\u015e PENTEST TEAM"
}
],
"cve": "CVE-2022-2237",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2097007"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Adapter: Open redirect vulnerability in checkSSO",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported. Therefore, this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2237"
},
{
"category": "external",
"summary": "RHBZ#2097007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097007"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2237"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2237",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2237"
}
],
"release_date": "2023-03-01T13:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Adapter: Open redirect vulnerability in checkSSO"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"cve": "CVE-2022-3782",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-10-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2138971"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: path traversal via double URL encoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not impacted as this CVE affects the server-side Keycloak execution but Quarkus only acts as a Keycloak client in its quarkus-keycloak-authorization extension. For this reason Quarkus is marked with Low impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3782"
},
{
"category": "external",
"summary": "RHBZ#2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3782"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3782"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: path traversal via double URL encoding"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"Red Hat Single Sign-On 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"Red Hat Single Sign-On 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:58:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Single Sign-On 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2022:6821
Vulnerability from csaf_redhat - Published: 2022-10-05 16:36 - Updated: 2026-04-01 18:37Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Large AJP request may cause DoS (CVE-2022-2053)
* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6821
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6821
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6821
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Large AJP request may cause DoS (CVE-2022-2053)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6821",
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "JBEAP-23618",
"url": "https://issues.redhat.com/browse/JBEAP-23618"
},
{
"category": "external",
"summary": "JBEAP-23687",
"url": "https://issues.redhat.com/browse/JBEAP-23687"
},
{
"category": "external",
"summary": "JBEAP-23738",
"url": "https://issues.redhat.com/browse/JBEAP-23738"
},
{
"category": "external",
"summary": "JBEAP-23741",
"url": "https://issues.redhat.com/browse/JBEAP-23741"
},
{
"category": "external",
"summary": "JBEAP-23753",
"url": "https://issues.redhat.com/browse/JBEAP-23753"
},
{
"category": "external",
"summary": "JBEAP-23772",
"url": "https://issues.redhat.com/browse/JBEAP-23772"
},
{
"category": "external",
"summary": "JBEAP-23794",
"url": "https://issues.redhat.com/browse/JBEAP-23794"
},
{
"category": "external",
"summary": "JBEAP-23802",
"url": "https://issues.redhat.com/browse/JBEAP-23802"
},
{
"category": "external",
"summary": "JBEAP-23803",
"url": "https://issues.redhat.com/browse/JBEAP-23803"
},
{
"category": "external",
"summary": "JBEAP-23805",
"url": "https://issues.redhat.com/browse/JBEAP-23805"
},
{
"category": "external",
"summary": "JBEAP-23816",
"url": "https://issues.redhat.com/browse/JBEAP-23816"
},
{
"category": "external",
"summary": "JBEAP-23818",
"url": "https://issues.redhat.com/browse/JBEAP-23818"
},
{
"category": "external",
"summary": "JBEAP-23869",
"url": "https://issues.redhat.com/browse/JBEAP-23869"
},
{
"category": "external",
"summary": "JBEAP-23881",
"url": "https://issues.redhat.com/browse/JBEAP-23881"
},
{
"category": "external",
"summary": "JBEAP-23912",
"url": "https://issues.redhat.com/browse/JBEAP-23912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6821.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update",
"tracking": {
"current_release_date": "2026-04-01T18:37:57+00:00",
"generator": {
"date": "2026-04-01T18:37:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:6821",
"initial_release_date": "2022-10-05T16:36:05+00:00",
"revision_history": [
{
"date": "2022-10-05T16:36:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-05T16:36:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:37:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-common@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-20.Final_redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-20.Final_redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.77-3.Final_redhat_00001.1.el7eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:36:05+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:36:05+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:36:05+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2023:7288
Vulnerability from csaf_redhat - Published: 2023-11-16 05:58 - Updated: 2026-04-01 18:49Summary
Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update
Severity
Important
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
Workaround
The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:7288
Workaround
Users are strongly urged to update their software as soon as fixes are available.
There are several mitigation approaches for this flaw.
1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.
2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.
3. Several package specific mitigations are also available.
a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. \n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nA Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7288",
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7288.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update",
"tracking": {
"current_release_date": "2026-04-01T18:49:13+00:00",
"generator": {
"date": "2026-04-01T18:49:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:7288",
"initial_release_date": "2023-11-16T05:58:26+00:00",
"revision_history": [
{
"date": "2023-11-16T05:58:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-16T05:58:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:49:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.14::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product_id": "jenkins-0:2.414.3.1699356615-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1699356615-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1699356715-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product_id": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1699356615-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1699356715-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch"
},
"product_reference": "jenkins-0:2.414.3.1699356615-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1699356615-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
},
"product_reference": "jenkins-0:2.414.3.1699356615-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
"product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.14.1699356715-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T05:58:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7288"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-0:2.414.3.1699356615-3.el8.src",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.noarch",
"8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1699356715-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2025:4437
Vulnerability from csaf_redhat - Published: 2025-05-05 00:13 - Updated: 2026-04-01 19:07Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.13 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.12, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.12, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson [eap-7.3.z] (CVE-2022-25647)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks [eap-7.3.z] (CVE-2022-40152)
* xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr [eap-7.3.z] (CVE-2022-0084)
* artemis-commons: Apache ActiveMQ Artemis DoS [eap-7.3] (CVE-2022-23913)
* Moment.js: Path traversal in moment.locale [eap-7.3.z] (CVE-2022-24785)
* jettison: memory exhaustion via user-supplied XML or JSON data [eap-7.3.z] (CVE-2022-40150)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections [eap-7.3.z] (CVE-2022-25857)
* jettison: parser crash by stackoverflow [eap-7.3.z] (CVE-2022-40149)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:4437
In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:4437
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:4437
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:4437
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:4437
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:4437
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:4437
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:4437
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.12, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.12, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson [eap-7.3.z] (CVE-2022-25647)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks [eap-7.3.z] (CVE-2022-40152)\n\n* xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr [eap-7.3.z] (CVE-2022-0084)\n\n* artemis-commons: Apache ActiveMQ Artemis DoS [eap-7.3] (CVE-2022-23913)\n\n* Moment.js: Path traversal in moment.locale [eap-7.3.z] (CVE-2022-24785)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data [eap-7.3.z] (CVE-2022-40150)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections [eap-7.3.z] (CVE-2022-25857)\n\n* jettison: parser crash by stackoverflow [eap-7.3.z] (CVE-2022-40149)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:4437",
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2063601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"
},
{
"category": "external",
"summary": "2064226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064226"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2080850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080850"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "JBEAP-29297",
"url": "https://issues.redhat.com/browse/JBEAP-29297"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_4437.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.13 security update",
"tracking": {
"current_release_date": "2026-04-01T19:07:41+00:00",
"generator": {
"date": "2026-04-01T19:07:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2025:4437",
"initial_release_date": "2025-05-05T00:13:08+00:00",
"revision_history": [
{
"date": "2025-05-05T00:13:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-05T00:13:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T19:07:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.18-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.14-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-gson@2.8.9-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-10.redhat_00021.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-14.Final_redhat_00015.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.13-4.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.14-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-gson@2.8.9-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-10.redhat_00021.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-14.Final_redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.13-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.13-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.13-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.13-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.13-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3-EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-0084",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064226"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although the CVSS stands for 7.5 score, the impact remains Moderate as it demands previous knowledge of the environment to trigger the Denial of Service (DoS)",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0084"
},
{
"category": "external",
"summary": "RHBZ#2064226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0084",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0084"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0084",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0084"
}
],
"release_date": "2022-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-05T00:13:08+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr"
},
{
"cve": "CVE-2022-23913",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2063601"
}
],
"notes": [
{
"category": "description",
"text": "In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "artemis-commons: Apache ActiveMQ Artemis DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23913"
},
{
"category": "external",
"summary": "RHBZ#2063601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23913"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2",
"url": "https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2"
}
],
"release_date": "2022-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-05T00:13:08+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "artemis-commons: Apache ActiveMQ Artemis DoS"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-05T00:13:08+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25647",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2080850"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25647"
},
{
"category": "external",
"summary": "RHBZ#2080850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080850"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25647"
}
],
"release_date": "2022-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-05T00:13:08+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-05T00:13:08+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-05T00:13:08+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-05T00:13:08+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-05T00:13:08+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-cli-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-commons-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-core-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-dto-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jdbc-store-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-client-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-jms-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-journal-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-ra-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-selector-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-server-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-service-extensions-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-activemq-artemis-tools-0:2.9.0-10.redhat_00021.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-14.Final_redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.13-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3-EUS:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
}
]
}
RHSA-2022:6823
Vulnerability from csaf_redhat - Published: 2022-10-05 16:35 - Updated: 2026-04-01 13:13Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Large AJP request may cause DoS (CVE-2022-2053)
* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6823
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6823
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6823
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Large AJP request may cause DoS (CVE-2022-2053)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6823",
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "JBEAP-23620",
"url": "https://issues.redhat.com/browse/JBEAP-23620"
},
{
"category": "external",
"summary": "JBEAP-23687",
"url": "https://issues.redhat.com/browse/JBEAP-23687"
},
{
"category": "external",
"summary": "JBEAP-23738",
"url": "https://issues.redhat.com/browse/JBEAP-23738"
},
{
"category": "external",
"summary": "JBEAP-23741",
"url": "https://issues.redhat.com/browse/JBEAP-23741"
},
{
"category": "external",
"summary": "JBEAP-23753",
"url": "https://issues.redhat.com/browse/JBEAP-23753"
},
{
"category": "external",
"summary": "JBEAP-23772",
"url": "https://issues.redhat.com/browse/JBEAP-23772"
},
{
"category": "external",
"summary": "JBEAP-23794",
"url": "https://issues.redhat.com/browse/JBEAP-23794"
},
{
"category": "external",
"summary": "JBEAP-23802",
"url": "https://issues.redhat.com/browse/JBEAP-23802"
},
{
"category": "external",
"summary": "JBEAP-23803",
"url": "https://issues.redhat.com/browse/JBEAP-23803"
},
{
"category": "external",
"summary": "JBEAP-23805",
"url": "https://issues.redhat.com/browse/JBEAP-23805"
},
{
"category": "external",
"summary": "JBEAP-23816",
"url": "https://issues.redhat.com/browse/JBEAP-23816"
},
{
"category": "external",
"summary": "JBEAP-23818",
"url": "https://issues.redhat.com/browse/JBEAP-23818"
},
{
"category": "external",
"summary": "JBEAP-23869",
"url": "https://issues.redhat.com/browse/JBEAP-23869"
},
{
"category": "external",
"summary": "JBEAP-23881",
"url": "https://issues.redhat.com/browse/JBEAP-23881"
},
{
"category": "external",
"summary": "JBEAP-23912",
"url": "https://issues.redhat.com/browse/JBEAP-23912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update",
"tracking": {
"current_release_date": "2026-04-01T13:13:47+00:00",
"generator": {
"date": "2026-04-01T13:13:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:6823",
"initial_release_date": "2022-10-05T16:35:58+00:00",
"revision_history": [
{
"date": "2022-10-05T16:35:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-05T16:35:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T13:13:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.14-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.28-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.28-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-common@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.7-3.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.7-3.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-20.Final_redhat_00019.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-20.Final_redhat_00019.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.77-3.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:35:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:35:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:35:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2022_6825
Vulnerability from csaf_redhat - Published: 2022-10-05 16:46 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Large AJP request may cause DoS (CVE-2022-2053)
* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6825
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6825
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6825
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Large AJP request may cause DoS (CVE-2022-2053)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6825",
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "JBEAP-23687",
"url": "https://issues.redhat.com/browse/JBEAP-23687"
},
{
"category": "external",
"summary": "JBEAP-23738",
"url": "https://issues.redhat.com/browse/JBEAP-23738"
},
{
"category": "external",
"summary": "JBEAP-23741",
"url": "https://issues.redhat.com/browse/JBEAP-23741"
},
{
"category": "external",
"summary": "JBEAP-23753",
"url": "https://issues.redhat.com/browse/JBEAP-23753"
},
{
"category": "external",
"summary": "JBEAP-23772",
"url": "https://issues.redhat.com/browse/JBEAP-23772"
},
{
"category": "external",
"summary": "JBEAP-23794",
"url": "https://issues.redhat.com/browse/JBEAP-23794"
},
{
"category": "external",
"summary": "JBEAP-23802",
"url": "https://issues.redhat.com/browse/JBEAP-23802"
},
{
"category": "external",
"summary": "JBEAP-23803",
"url": "https://issues.redhat.com/browse/JBEAP-23803"
},
{
"category": "external",
"summary": "JBEAP-23805",
"url": "https://issues.redhat.com/browse/JBEAP-23805"
},
{
"category": "external",
"summary": "JBEAP-23816",
"url": "https://issues.redhat.com/browse/JBEAP-23816"
},
{
"category": "external",
"summary": "JBEAP-23818",
"url": "https://issues.redhat.com/browse/JBEAP-23818"
},
{
"category": "external",
"summary": "JBEAP-23869",
"url": "https://issues.redhat.com/browse/JBEAP-23869"
},
{
"category": "external",
"summary": "JBEAP-23881",
"url": "https://issues.redhat.com/browse/JBEAP-23881"
},
{
"category": "external",
"summary": "JBEAP-23912",
"url": "https://issues.redhat.com/browse/JBEAP-23912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6825.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:09+00:00",
"generator": {
"date": "2024-12-16T16:05:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6825",
"initial_release_date": "2022-10-05T16:46:28+00:00",
"revision_history": [
{
"date": "2022-10-05T16:46:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-05T16:46:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:46:28+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:46:28+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:46:28+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2023:6172
Vulnerability from csaf_redhat - Published: 2023-10-30 11:24 - Updated: 2026-04-01 18:48Summary
Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update
Severity
Critical
Notes
Topic: An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.12.
Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
CVE-2023-27904 jenkins: Information disclosure through error stack traces related to agents
CVE-2023-27903 jenkins: Temporary file parameter created with insecure permissions
CVE-2023-25762 jenkins-2-plugins: jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin
CVE-2023-25761 jenkins-2-plugins: jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin
CVE-2022-25857 jenkins-2-plugins: snakeyaml: Denial of Service due to missing nested depth limitation for collections
CVE-2022-42889 jenkins-2-plugins: apache-commons-text: variable interpolation RCE
CVE-2020-7692 jenkins-2-plugins: google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization
CVE-2023-24422 jenkins-2-plugins: jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin
CVE-2023-25761 jenkins-2-plugins: jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin
CVE-2023-25762 jenkins-2-plugins: jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin
CVE-2022-42889 jenkins-2-plugins: apache-commons-text: variable interpolation RCE
CVE-2022-29599 jenkins-2-plugins: maven-shared-utils: Command injection via Commandline class
CVE-2023-39325 openshift-jenkins-2-container: golang: net/http, x/net/http2: rapid stream resets can cause excessive work
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.
7.4 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.
4.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6172
Workaround
The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.12.\nRed Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\nCVE-2023-27904 jenkins: Information disclosure through error stack traces related to agents\nCVE-2023-27903 jenkins: Temporary file parameter created with insecure permissions\nCVE-2023-25762 jenkins-2-plugins: jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin\nCVE-2023-25761 jenkins-2-plugins: jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin\nCVE-2022-25857 jenkins-2-plugins: snakeyaml: Denial of Service due to missing nested depth limitation for collections \nCVE-2022-42889 jenkins-2-plugins: apache-commons-text: variable interpolation RCE\nCVE-2020-7692 jenkins-2-plugins: google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization\nCVE-2023-24422 jenkins-2-plugins: jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin\nCVE-2023-25761 jenkins-2-plugins: jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin\nCVE-2023-25762 jenkins-2-plugins: jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin\nCVE-2022-42889 jenkins-2-plugins: apache-commons-text: variable interpolation RCE\nCVE-2022-29599 jenkins-2-plugins: maven-shared-utils: Command injection via Commandline class\nCVE-2023-39325 openshift-jenkins-2-container: golang: net/http, x/net/http2: rapid stream resets can cause excessive work\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6172",
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6172.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update",
"tracking": {
"current_release_date": "2026-04-01T18:48:54+00:00",
"generator": {
"date": "2026-04-01T18:48:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:6172",
"initial_release_date": "2023-10-30T11:24:00+00:00",
"revision_history": [
{
"date": "2023-10-30T11:24:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-30T11:24:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:48:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.12",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.12::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1698293911-3.el8.src",
"product": {
"name": "jenkins-0:2.414.3.1698293911-3.el8.src",
"product_id": "jenkins-0:2.414.3.1698293911-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1698293911-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.12.1698294000-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.12.1698294000-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.12.1698294000-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.12.1698294000-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1698293911-3.el8.noarch",
"product": {
"name": "jenkins-0:2.414.3.1698293911-3.el8.noarch",
"product_id": "jenkins-0:2.414.3.1698293911-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1698293911-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.12.1698294000-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1698293911-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch"
},
"product_reference": "jenkins-0:2.414.3.1698293911-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1698293911-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
},
"product_reference": "jenkins-0:2.414.3.1698293911-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.12.1698294000-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.12.1698294000-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7692",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2020-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856376"
}
],
"notes": [
{
"category": "description",
"text": "PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7692"
},
{
"category": "external",
"summary": "RHBZ#1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7692"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692"
}
],
"release_date": "2020-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-27903",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI\u2019s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary file parameter created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27903"
},
{
"category": "external",
"summary": "RHBZ#2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Temporary file parameter created with insecure permissions"
},
{
"cve": "CVE-2023-27904",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Information disclosure through error stack traces related to agents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27904"
},
{
"category": "external",
"summary": "RHBZ#2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Information disclosure through error stack traces related to agents"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T11:24:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6172"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.414.3.1698293911-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1698294000-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
}
]
}
RHSA-2022:8652
Vulnerability from csaf_redhat - Published: 2022-11-28 14:39 - Updated: 2026-04-01 18:42Summary
Red Hat Security Advisory: Red Hat Fuse 7.11.1 release and security update
Severity
Important
Notes
Topic: A minor version update (from 7.11 to 7.11.1) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Red Hat Fuse 7.11.1 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
Security Fix(es):
* hsqldb: Untrusted input may lead to RCE attack [fuse-7] (CVE-2022-41853)
* io.hawt-hawtio-online: bootstrap: XSS in the tooltip or popover data-template attribute [fuse-7] (CVE-2019-8331)
* io.hawt-project: bootstrap: XSS in the tooltip or popover data-template attribute [fuse-7] (CVE-2019-8331)
* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users [fuse-7] (CVE-2021-3717)
* json-smart: Denial of Service in JSONParserByteArray function [fuse-7] (CVE-2021-31684)
* io.hawt-hawtio-integration: minimist: prototype pollution [fuse-7] (CVE-2021-44906)
* urijs: Authorization Bypass Through User-Controlled Key [fuse-7] (CVE-2022-0613)
* http2-server: Invalid HTTP/2 requests cause DoS [fuse-7] (CVE-2022-2048)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections [fuse-7] (CVE-2022-25857)
* urijs: Leading white space bypasses protocol validation [fuse-7] (CVE-2022-24723)
* Moment.js: Path traversal in moment.locale [fuse-7] (CVE-2022-24785)
* netty: world readable temporary file containing sensitive data [fuse-7] (CVE-2022-24823)
* jdbc-postgresql: postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names [fuse-7] (CVE-2022-31197)
* commons-configuration2: apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults [fuse-7] (CVE-2022-33980)
* commons-text: apache-commons-text: variable interpolation RCE [fuse-7] (CVE-2022-42889)
* undertow: Large AJP request may cause DoS [fuse-7] (CVE-2022-2053)
* moment: inefficient parsing algorithm resulting in DoS [fuse-7] (CVE-2022-31129)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode [fuse-7] (CVE-2022-38749)
For more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.
6.1 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability.
7.8 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in the json-smart package in the JSONParserByteArray. This flaw allows an attacker to cause a denial of service.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in urijs due to the fix of CVE-2021-3647 not considering case-sensitive protocol schemes in the URL. This issue allows attackers to bypass the patch.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
An improper input validation flaw was found in urijs where white space characters are not removed from the beginning of an URL. This issue allows bypassing the protocol validation.
5.3 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled.
5.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
Workaround
As a workaround, specify one's own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.
8.0 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in Apache Commons Configuration's variable interpolation, which by default included several lookup actions that could permit script invocation on remote servers. This issue could allow an attacker to use one of these actions to send a request to execute arbitrary code on the server.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
Workaround
By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).
In the example below, the property has been included as an argument to the Java command.
java -Dhsqldb.method_class_names="org.me.MyClass;org.you.YourClass;org.you.lib.*" [the rest of the command line]
The above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.
The user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.
Once the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.
In hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
Installation instructions are available from the Fuse 7.11.1 product documentation page:
https://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/
https://access.redhat.com/errata/RHSA-2022:8652
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 7.11 to 7.11.1) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Fuse 7.11.1 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nSecurity Fix(es):\n\n* hsqldb: Untrusted input may lead to RCE attack [fuse-7] (CVE-2022-41853)\n\n* io.hawt-hawtio-online: bootstrap: XSS in the tooltip or popover data-template attribute [fuse-7] (CVE-2019-8331)\n\n* io.hawt-project: bootstrap: XSS in the tooltip or popover data-template attribute [fuse-7] (CVE-2019-8331)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users [fuse-7] (CVE-2021-3717)\n\n* json-smart: Denial of Service in JSONParserByteArray function [fuse-7] (CVE-2021-31684)\n\n* io.hawt-hawtio-integration: minimist: prototype pollution [fuse-7] (CVE-2021-44906)\n\n* urijs: Authorization Bypass Through User-Controlled Key [fuse-7] (CVE-2022-0613)\n\n* http2-server: Invalid HTTP/2 requests cause DoS [fuse-7] (CVE-2022-2048)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections [fuse-7] (CVE-2022-25857)\n\n* urijs: Leading white space bypasses protocol validation [fuse-7] (CVE-2022-24723)\n\n* Moment.js: Path traversal in moment.locale [fuse-7] (CVE-2022-24785)\n\n* netty: world readable temporary file containing sensitive data [fuse-7] (CVE-2022-24823)\n\n* jdbc-postgresql: postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names [fuse-7] (CVE-2022-31197)\n\n* commons-configuration2: apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults [fuse-7] (CVE-2022-33980)\n\n* commons-text: apache-commons-text: variable interpolation RCE [fuse-7] (CVE-2022-42889)\n\n* undertow: Large AJP request may cause DoS [fuse-7] (CVE-2022-2053)\n\n* moment: inefficient parsing algorithm resulting in DoS [fuse-7] (CVE-2022-31129)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode [fuse-7] (CVE-2022-38749)\n\nFor more details about the security issues, including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8652",
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1991305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305"
},
{
"category": "external",
"summary": "2055496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055496"
},
{
"category": "external",
"summary": "2062370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062370"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2087186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087186"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2102695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102695"
},
{
"category": "external",
"summary": "2105067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105067"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8652.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.11.1 release and security update",
"tracking": {
"current_release_date": "2026-04-01T18:42:09+00:00",
"generator": {
"date": "2026-04-01T18:42:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:8652",
"initial_release_date": "2022-11-28T14:39:27+00:00",
"revision_history": [
{
"date": "2022-11-28T14:39:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-28T14:39:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:42:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.11.1",
"product": {
"name": "Red Hat Fuse 7.11.1",
"product_id": "Red Hat Fuse 7.11.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2021-3717",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2021-07-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1991305"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3717"
},
{
"category": "external",
"summary": "RHBZ#1991305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3717"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users"
},
{
"cve": "CVE-2021-31684",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-06-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2102695"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-smart package in the JSONParserByteArray. This flaw allows an attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-smart: Denial of Service in JSONParserByteArray function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-31684"
},
{
"category": "external",
"summary": "RHBZ#2102695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-31684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31684"
}
],
"release_date": "2021-06-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "json-smart: Denial of Service in JSONParserByteArray function"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"cve": "CVE-2022-0613",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2022-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2055496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urijs due to the fix of CVE-2021-3647 not considering case-sensitive protocol schemes in the URL. This issue allows attackers to bypass the patch.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urijs: Authorization Bypass Through User-Controlled Key",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0613"
},
{
"category": "external",
"summary": "RHBZ#2055496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0613"
}
],
"release_date": "2022-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urijs: Authorization Bypass Through User-Controlled Key"
},
{
"cve": "CVE-2022-2048",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http2-server: Invalid HTTP/2 requests cause DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2048"
},
{
"category": "external",
"summary": "RHBZ#2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http2-server: Invalid HTTP/2 requests cause DoS"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-24723",
"cwe": {
"id": "CWE-1173",
"name": "Improper Use of Validation Framework"
},
"discovery_date": "2022-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2062370"
}
],
"notes": [
{
"category": "description",
"text": "An improper input validation flaw was found in urijs where white space characters are not removed from the beginning of an URL. This issue allows bypassing the protocol validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urijs: Leading white space bypasses protocol validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24723"
},
{
"category": "external",
"summary": "RHBZ#2062370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24723"
}
],
"release_date": "2022-03-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urijs: Leading white space bypasses protocol validation"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"Red Hat Fuse 7.11.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-24823",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2022-05-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2087186"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2021-21290 contains an incomplete fix, and this addresses the issue found in netty. When using multipart decoders in netty, local information disclosure can occur via the local system temporary directory if temporary storing of uploads on the disk is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: world readable temporary file containing sensitive data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only impacts applications running on Java version 6 and lower. Additionally, this vulnerability impacts code running on Unix-like systems, and very old versions of Mac OSX and Windows as they all share the system temporary directory between all users.\n\nRed Hat Satellite 6 is not affected as is using netty 3.6.7 version which is not impacted by this vulnerability.\n\nRed Hat Fuse 7 is now in Maintenance Support Phase and should be fixed soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24823"
},
{
"category": "external",
"summary": "RHBZ#2087186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087186"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24823"
}
],
"release_date": "2022-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "workaround",
"details": "As a workaround, specify one\u0027s own `java.io.tmpdir` when starting the JVM or use DefaultHttpDataFactory.setBaseDir(...) to set the directory to something that is only readable by the current user.",
"product_ids": [
"Red Hat Fuse 7.11.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: world readable temporary file containing sensitive data"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-31197",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129428"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31197"
},
{
"category": "external",
"summary": "RHBZ#2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197"
},
{
"category": "external",
"summary": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2",
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names"
},
{
"cve": "CVE-2022-33980",
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105067"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Configuration\u0027s variable interpolation, which by default included several lookup actions that could permit script invocation on remote servers. This issue could allow an attacker to use one of these actions to send a request to execute arbitrary code on the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite embeds affected commons-configuration2 with Candlepin, however, product is not affected since vulnerable org.apache.commons.configuration2.interpol.Lookup is not exposed in code. Product Security has rated this vulnerability Low for Satellite and there is no harm identified to confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33980"
},
{
"category": "external",
"summary": "RHBZ#2105067",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105067"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33980"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33980",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33980"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"Red Hat Fuse 7.11.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.11.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-28T14:39:27+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.11.1 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.11/",
"product_ids": [
"Red Hat Fuse 7.11.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat Fuse 7.11.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Fuse 7.11.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2023:0777
Vulnerability from csaf_redhat - Published: 2023-02-23 00:01 - Updated: 2026-04-01 18:43Summary
Red Hat Security Advisory: OpenShift Container Platform 4.9.56 security update
Severity
Critical
Notes
Topic: Red Hat OpenShift Container Platform release 4.9.56 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.9.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:0778
Security Fix(es):
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)
* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)
* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)
* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)
* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)
* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)
* jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2022-45380)
* jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin (CVE-2022-45381)
* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)
* Jenkins plugin: CSRF vulnerability in Script Security Plugin (CVE-2022-30946)
* Jenkins plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)
* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)
* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)
* jenkins: Observable timing discrepancy allows determining username validity (CVE-2022-34174)
* jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git (CVE-2022-36882)
* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36883)
* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36884)
* jenkins plugin: Non-constant time webhook signature comparison in GitHub Plugin (CVE-2022-36885)
* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)
* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.
7.4 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.
4.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
8.8 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
7.5 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
5.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.
5.3 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.
8.8 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.
5.7 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.
5.4 (Medium)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.
8.0 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.
8.0 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
A flaw was found in the Pipeline Utility Steps Jenkins Plugin. The affected version of the Pipeline Utility Steps Plugin does not restrict the set of enabled prefix interpolators and bundles versions of this library that enable the file: prefix interpolator by default. This flaw allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system.
8.1 (High)
Vendor Fix
For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
https://access.redhat.com/errata/RHSA-2023:0777
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.9.56 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.9.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:0778\n\nSecurity Fix(es):\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)\n\n* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)\n\n* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)\n\n* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)\n\n* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)\n\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions (CVE-2022-45379)\n\n* jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2022-45380)\n\n* jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin (CVE-2022-45381)\n\n* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)\n\n* Jenkins plugin: CSRF vulnerability in Script Security Plugin (CVE-2022-30946)\n\n* Jenkins plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin (CVE-2022-30952)\n\n* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)\n\n* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)\n\n* jenkins: Observable timing discrepancy allows determining username validity (CVE-2022-34174)\n\n* jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git (CVE-2022-36882)\n\n* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36883)\n\n* jenkins plugin: Lack of authentication mechanism in Git Plugin webhook (CVE-2022-36884)\n\n* jenkins plugin: Non-constant time webhook signature comparison in GitHub Plugin (CVE-2022-36885)\n\n* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)\n\n* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0777",
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"url": "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html"
},
{
"category": "external",
"summary": "1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "2116840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116840"
},
{
"category": "external",
"summary": "2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "2119643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119643"
},
{
"category": "external",
"summary": "2119645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119645"
},
{
"category": "external",
"summary": "2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "2119653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119653"
},
{
"category": "external",
"summary": "2119656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119656"
},
{
"category": "external",
"summary": "2119657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119657"
},
{
"category": "external",
"summary": "2119658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119658"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "2143086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143086"
},
{
"category": "external",
"summary": "2143089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143089"
},
{
"category": "external",
"summary": "2143090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143090"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0777.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.9.56 security update",
"tracking": {
"current_release_date": "2026-04-01T18:43:04+00:00",
"generator": {
"date": "2026-04-01T18:43:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:0777",
"initial_release_date": "2023-02-23T00:01:27+00:00",
"revision_history": [
{
"date": "2023-02-23T00:01:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-23T00:01:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:43:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product_id": "jenkins-0:2.361.1.1675668150-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.361.1.1675668150-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product_id": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.361.1.1675668150-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch"
},
"product_reference": "jenkins-0:2.361.1.1675668150-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.361.1.1675668150-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
},
"product_reference": "jenkins-0:2.361.1.1675668150-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.9.1675668922-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7692",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2020-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856376"
}
],
"notes": [
{
"category": "description",
"text": "PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7692"
},
{
"category": "external",
"summary": "RHBZ#1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7692"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692"
}
],
"release_date": "2020-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2048",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http2-server: Invalid HTTP/2 requests cause DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2048"
},
{
"category": "external",
"summary": "RHBZ#2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http2-server: Invalid HTTP/2 requests cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-30946",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119643"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b_73a_69a_08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified webserver.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30946"
},
{
"category": "external",
"summary": "RHBZ#2119643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30946"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2022-30952",
"cwe": {
"id": "CWE-1220",
"name": "Insufficient Granularity of Access Control"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119645"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30952"
},
{
"category": "external",
"summary": "RHBZ#2119645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30952",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30952"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: User-scoped credentials exposed to other users by Pipeline SCM API for Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30953",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119646"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30953"
},
{
"category": "external",
"summary": "RHBZ#2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30953"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30954",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119647"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: missing permission checks in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30954"
},
{
"category": "external",
"summary": "RHBZ#2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30954",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: missing permission checks in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-34174",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119653"
}
],
"notes": [
{
"category": "description",
"text": "In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Observable timing discrepancy allows determining username validity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34174"
},
{
"category": "external",
"summary": "RHBZ#2119653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119653"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34174"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2566",
"url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2566"
}
],
"release_date": "2022-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Observable timing discrepancy allows determining username validity"
},
{
"cve": "CVE-2022-36882",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116840"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36882"
},
{
"category": "external",
"summary": "RHBZ#2116840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116840"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36882"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git"
},
{
"cve": "CVE-2022-36883",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119656"
}
],
"notes": [
{
"category": "description",
"text": "A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Lack of authentication mechanism in Git Plugin webhook",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36883"
},
{
"category": "external",
"summary": "RHBZ#2119656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36883"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Lack of authentication mechanism in Git Plugin webhook"
},
{
"cve": "CVE-2022-36884",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119657"
}
],
"notes": [
{
"category": "description",
"text": "The webhook endpoint in Jenkins Git Plugin 4.11.3 and earlier provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Lack of authentication mechanism in Git Plugin webhook",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36884"
},
{
"category": "external",
"summary": "RHBZ#2119657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119657"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36884"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Lack of authentication mechanism in Git Plugin webhook"
},
{
"cve": "CVE-2022-36885",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119658"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins GitHub Plugin 1.34.4 and earlier uses a non-constant time comparison function when checking whether the provided and computed webhook signatures are equal, allowing attackers to use statistical methods to obtain a valid webhook signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: Non-constant time webhook signature comparison in GitHub Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36885"
},
{
"category": "external",
"summary": "RHBZ#2119658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36885"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849",
"url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849"
}
],
"release_date": "2022-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: Non-constant time webhook signature comparison in GitHub Plugin"
},
{
"cve": "CVE-2022-43401",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136381"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43401"
},
{
"category": "external",
"summary": "RHBZ#2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43402",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136379"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43402"
},
{
"category": "external",
"summary": "RHBZ#2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin"
},
{
"cve": "CVE-2022-43403",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136382"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43403"
},
{
"category": "external",
"summary": "RHBZ#2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43404",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136383"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43404"
},
{
"category": "external",
"summary": "RHBZ#2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43405",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136374"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43405"
},
{
"category": "external",
"summary": "RHBZ#2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43406",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136370"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43406"
},
{
"category": "external",
"summary": "RHBZ#2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43407",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136386"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43407"
},
{
"category": "external",
"summary": "RHBZ#2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin"
},
{
"cve": "CVE-2022-43408",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136388"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43408"
},
{
"category": "external",
"summary": "RHBZ#2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin"
},
{
"cve": "CVE-2022-43409",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136391"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43409"
},
{
"category": "external",
"summary": "RHBZ#2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45379",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143090"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest. The affected version of the script-security Plugin stores whole-script approvals as the SHA-1 hash of the approved script.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45379"
},
{
"category": "external",
"summary": "RHBZ#2143090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143090"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45379"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/script-security: Whole-script approval in Script Security Plugin vulnerable to SHA-1 collisions"
},
{
"cve": "CVE-2022-45380",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143086"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JUnit Jenkins Plugin. The affected version of the JUnit plugin converts HTTP(S) URLs in test report output to clickable links, which leads to a stored Cross-site scripting (XSS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45380"
},
{
"category": "external",
"summary": "RHBZ#2143086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143086"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45380",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45380"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45380",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45380"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2022-45381",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-11-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2143089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Pipeline Utility Steps Jenkins Plugin. The affected version of the Pipeline Utility Steps Plugin does not restrict the set of enabled prefix interpolators and bundles versions of this library that enable the file: prefix interpolator by default. This flaw allows attackers who can configure Pipelines to read arbitrary files from the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence the OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"known_not_affected": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45381"
},
{
"category": "external",
"summary": "RHBZ#2143089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45381"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45381",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45381"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949",
"url": "https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949"
}
],
"release_date": "2022-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-23T00:01:27+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0777"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-0:2.361.1.1675668150-1.el8.src",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1675668922-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-utility-steps: Arbitrary file read vulnerability in Pipeline Utility Steps Plugin"
}
]
}
RHSA-2023:6179
Vulnerability from csaf_redhat - Published: 2023-10-30 13:03 - Updated: 2026-04-01 18:48Summary
Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update
Severity
Critical
Notes
Topic: An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)
* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6179
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6179
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6179
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6179
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6179
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6179
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6179
Workaround
The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages. Security Bulletin https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:6179
Workaround
Users are strongly urged to update their software as soon as fixes are available.
There are several mitigation approaches for this flaw.
1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.
2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.
3. Several package specific mitigations are also available.
a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:6179",
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6179.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update",
"tracking": {
"current_release_date": "2026-04-01T18:48:55+00:00",
"generator": {
"date": "2026-04-01T18:48:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:6179",
"initial_release_date": "2023-10-30T13:03:06+00:00",
"revision_history": [
{
"date": "2023-10-30T13:03:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-10-30T13:03:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:48:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.13",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.13::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1698292201-3.el8.src",
"product": {
"name": "jenkins-0:2.414.3.1698292201-3.el8.src",
"product_id": "jenkins-0:2.414.3.1698292201-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1698292201-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.13.1698292274-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.13.1698292274-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.13.1698292274-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.13.1698292274-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.414.3.1698292201-3.el8.noarch",
"product": {
"name": "jenkins-0:2.414.3.1698292201-3.el8.noarch",
"product_id": "jenkins-0:2.414.3.1698292201-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.414.3.1698292201-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.13.1698292274-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1698292201-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch"
},
"product_reference": "jenkins-0:2.414.3.1698292201-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.414.3.1698292201-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
},
"product_reference": "jenkins-0:2.414.3.1698292201-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.13.1698292274-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.13.1698292274-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T13:03:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T13:03:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T13:03:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T13:03:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T13:03:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T13:03:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-39325",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "RHBZ#2243296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://go.dev/issue/63417",
"url": "https://go.dev/issue/63417"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T13:03:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
},
{
"category": "workaround",
"details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the Rapid Reset Attack in the Go language packages.\r\n\r\nSecurity Bulletin\r\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "NGINX has been marked as Moderate Impact because, for performance and resource consumption reasons, NGINX limits the number of concurrent streams to a default of 128. In addition, to optimally balance network and server performance, NGINX allows the client to persist HTTP connections for up to 1000 requests by default using an HTTP keepalive.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nrhc component is no longer impacted by CVE-2023-44487 \u0026 CVE-2023-39325.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "RHBZ#2242803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
},
{
"category": "external",
"summary": "RHSB-2023-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "https://github.com/dotnet/announcements/issues/277",
"url": "https://github.com/dotnet/announcements/issues/277"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2102",
"url": "https://pkg.go.dev/vuln/GO-2023-2102"
},
{
"category": "external",
"summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
},
{
"category": "external",
"summary": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2023-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-10-30T13:03:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:6179"
},
{
"category": "workaround",
"details": "Users are strongly urged to update their software as soon as fixes are available. \nThere are several mitigation approaches for this flaw. \n\n1. If circumstances permit, users may disable http2 endpoints to circumvent the flaw altogether until a fix is available.\n2. IP-based blocking or flood protection and rate control tools may be used at network endpoints to filter incoming traffic.\n3. Several package specific mitigations are also available. \n a. nginx: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/\n b. netty: https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p\n c. haproxy: https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487\n d. nghttp2: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg\n e. golang: The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.414.3.1698292201-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1698292274-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2023-10-10T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)"
}
]
}
RHSA-2023_4983
Vulnerability from csaf_redhat - Published: 2023-09-05 18:37 - Updated: 2024-12-17 22:56Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which provides a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Details: Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This asynchronous security patch is an update to Red Hat Process Automation Manager 7.
Security Fixes:
* apache-bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* spring-boot: Spring Boot Welcome Page DoS Vulnerability (CVE-2023-20883)
* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)
* loader-utils: regular expression denial of service in interpolateName.js (CVE-2022-37599)
* protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
* sshd-core: mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server (CVE-2021-30129)
For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.
7.4 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Textformat in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in the interpolateName function in interpolateName.js in the webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. This flaw can lead to a regular expression denial of service (ReDoS).
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed behind a proxy that caches 404 responses. This issue may cause a denial of service (DoS) attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which provides a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis asynchronous security patch is an update to Red Hat Process Automation Manager 7.\n\nSecurity Fixes:\n\n* apache-bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* spring-boot: Spring Boot Welcome Page DoS Vulnerability (CVE-2023-20883)\n\n* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)\n\n* loader-utils: regular expression denial of service in interpolateName.js (CVE-2022-37599)\n\n* protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* RESTEasy: creation of insecure temp files (CVE-2023-0482)\n\n* sshd-core: mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server (CVE-2021-30129)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4983",
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1981527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981527"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2134872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134872"
},
{
"category": "external",
"summary": "2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "2142707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "2209342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209342"
},
{
"category": "external",
"summary": "RHPAM-4639",
"url": "https://issues.redhat.com/browse/RHPAM-4639"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4983.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security update",
"tracking": {
"current_release_date": "2024-12-17T22:56:41+00:00",
"generator": {
"date": "2024-12-17T22:56:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:4983",
"initial_release_date": "2023-09-05T18:37:03+00:00",
"revision_history": [
{
"date": "2023-09-05T18:37:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-09-05T18:37:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:56:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHPAM 7.13.4 async",
"product": {
"name": "RHPAM 7.13.4 async",
"product_id": "RHPAM 7.13.4 async",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-30129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981527"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30129"
},
{
"category": "external",
"summary": "RHBZ#1981527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30129"
}
],
"release_date": "2021-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-3171",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2137645"
}
],
"notes": [
{
"category": "description",
"text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: timeout in parser leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3171"
},
{
"category": "external",
"summary": "RHBZ#2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: timeout in parser leads to DoS"
},
{
"cve": "CVE-2022-3509",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2022-12-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184161"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Textformat in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: Textformat parsing issue leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3509"
},
{
"category": "external",
"summary": "RHBZ#2184161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509"
}
],
"release_date": "2022-12-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: Textformat parsing issue leads to DoS"
},
{
"cve": "CVE-2022-3510",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2022-12-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: Message-Type Extensions parsing issue leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3510"
},
{
"category": "external",
"summary": "RHBZ#2184176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510"
}
],
"release_date": "2022-12-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: Message-Type Extensions parsing issue leads to DoS"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-37599",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the interpolateName function in interpolateName.js in the webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. This flaw can lead to a regular expression denial of service (ReDoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: regular expression denial of service in interpolateName.js",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container and openshift-logging/logging-view-plugin-rhel8 bundles many nodejs packages as a build time dependencies, including loader-utils package. The vulnerable code is not used hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37599"
},
{
"category": "external",
"summary": "RHBZ#2134872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37599"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hhq3-ff78-jv3g",
"url": "https://github.com/advisories/GHSA-hhq3-ff78-jv3g"
},
{
"category": "external",
"summary": "https://github.com/webpack/loader-utils/issues/211",
"url": "https://github.com/webpack/loader-utils/issues/211"
}
],
"release_date": "2022-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"RHPAM 7.13.4 async"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: regular expression denial of service in interpolateName.js"
},
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170644"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "decode-uri-component: improper input validation resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38900"
},
{
"category": "external",
"summary": "RHBZ#2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900"
},
{
"category": "external",
"summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5",
"url": "https://github.com/SamVerschueren/decode-uri-component/issues/5"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq",
"url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "decode-uri-component: improper input validation resulting in DoS"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-42920",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2142707"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42920"
},
{
"category": "external",
"summary": "RHBZ#2142707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42920",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4",
"url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"
}
],
"release_date": "2022-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"RHPAM 7.13.4 async"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2023-0482",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166004"
}
],
"notes": [
{
"category": "description",
"text": "In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: creation of insecure temp files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0482"
},
{
"category": "external",
"summary": "RHBZ#2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0482",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "RESTEasy: creation of insecure temp files"
},
{
"cve": "CVE-2023-20860",
"cwe": {
"id": "CWE-155",
"name": "Improper Neutralization of Wildcards or Matching Symbols"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20860"
},
{
"category": "external",
"summary": "RHBZ#2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern"
},
{
"cve": "CVE-2023-20861",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20861"
},
{
"category": "external",
"summary": "RHBZ#2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-20883",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2209342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot\u0027s welcome page support, either static or templated, resulting in the application being deployed behind a proxy that caches 404 responses. This issue may cause a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-boot: Spring Boot Welcome Page DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20883"
},
{
"category": "external",
"summary": "RHBZ#2209342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20883"
}
],
"release_date": "2023-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-boot: Spring Boot Welcome Page DoS Vulnerability"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172298"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service.\r\n\r\nWhile Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "FileUpload: FileUpload DoS with excessive parts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24998"
},
{
"category": "external",
"summary": "RHBZ#2172298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5",
"url": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5"
}
],
"release_date": "2023-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "FileUpload: FileUpload DoS with excessive parts"
}
]
}
RHSA-2023:2100
Vulnerability from csaf_redhat - Published: 2023-05-03 14:05 - Updated: 2026-04-01 18:45Summary
Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update
Severity
Important
Notes
Topic: Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* JXPath: untrusted XPath expressions may lead to RCE attack (CVE-2022-41852)
* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)
* xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow (CVE-2022-41966)
* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)
* apache-commons-net: FTP client trusts the host from PASV response by default (CVE-2021-37533)
* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)
* apache-spark: XSS vulnerability in log viewer UI Javascript (CVE-2022-31777)
* Apache Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM (CVE-2022-33681)
* apache-ivy: Directory Traversal (CVE-2022-37865)
* : Apache Ivy: Ivy Path traversal (CVE-2022-37866)
* batik: Server-Side Request Forgery (CVE-2022-38398)
* batik: Server-Side Request Forgery (CVE-2022-38648)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* scandium: Failing DTLS handshakes may cause throttling to block processing of records (CVE-2022-39368)
* batik: Server-Side Request Forgery (SSRF) vulnerability (CVE-2022-40146)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)
* batik: Apache XML Graphics Batik vulnerable to code execution via SVG (CVE-2022-41704)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* batik: Untrusted code execution in Apache XML Graphics Batik (CVE-2022-42890)
* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)
* shiro: Authentication bypass through a specially crafted HTTP request (CVE-2023-22602)
* Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20863)
* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about services running on the private network of the client.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A stored cross-site scripting (XSS) flaw was found in Apache Spark. This issue allows an attacker to execute arbitrary JavaScript in the web browser of a user, including a malicious payload into the logs which are returned in logs rendered in the UI.
5.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the Apache Pulsar Java Client. This flaw allows an attacker to use a Man-in-the-Middle (MITM) attack, manipulating network traffic and gaining the client's authentication data.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious used to have unwanted access.
9.1 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Apache Ivy. This may allow an attacker to place artifacts inside and outside of Ivy's repository and overwrite artifacts that the user will use later.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the Eclipse Californium Scandium package. This issue occurs when failing handshakes don't clean up counters for throttling, causing the threshold to be reached without being released again, resulting in a denial of service. An attacker could submit a high quantity of server requests, leaving the server unable to respond.
8.2 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Batik. This issue may allow a malicious user to run untrusted Java code from an SVG.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the Apache Commons JXPath package. This flaw allows an attacker to use the interpreter to execute untrusted expressions and a remote code attack.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
Workaround
By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).
In the example below, the property has been included as an argument to the Java command.
java -Dhsqldb.method_class_names="org.me.MyClass;org.you.YourClass;org.you.lib.*" [the rest of the command line]
The above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.
The user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.
Once the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.
In hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Batik of Apache XML Graphics. This issue may allow a malicious user to run Java code from untrusted SVG via JavaScript.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘[‘ or ‘{‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Spring Framework. Certain versions of Spring Framework's Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Apache Shiro. This issue may allow a malicious user to send a specially crafted HTTP request that could cause an authentication bypass.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:2100
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* JXPath: untrusted XPath expressions may lead to RCE attack (CVE-2022-41852)\n\n* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)\n\n* xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow (CVE-2022-41966)\n\n* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)\n\n* apache-commons-net: FTP client trusts the host from PASV response by default (CVE-2021-37533)\n\n* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)\n\n* apache-spark: XSS vulnerability in log viewer UI Javascript (CVE-2022-31777)\n\n* Apache Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM (CVE-2022-33681)\n\n* apache-ivy: Directory Traversal (CVE-2022-37865)\n\n* : Apache Ivy: Ivy Path traversal (CVE-2022-37866)\n\n* batik: Server-Side Request Forgery (CVE-2022-38398)\n\n* batik: Server-Side Request Forgery (CVE-2022-38648)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* scandium: Failing DTLS handshakes may cause throttling to block processing of records (CVE-2022-39368)\n\n* batik: Server-Side Request Forgery (SSRF) vulnerability (CVE-2022-40146)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)\n\n* batik: Apache XML Graphics Batik vulnerable to code execution via SVG (CVE-2022-41704)\n\n* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* batik: Untrusted code execution in Apache XML Graphics Batik (CVE-2022-42890)\n\n* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)\n\n* shiro: Authentication bypass through a specially crafted HTTP request (CVE-2023-22602)\n\n* Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20863)\n\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2100",
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q2"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2134292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2136128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136128"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "2136207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136207"
},
{
"category": "external",
"summary": "2145205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145205"
},
{
"category": "external",
"summary": "2145264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145264"
},
{
"category": "external",
"summary": "2150011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150011"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2155291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155291"
},
{
"category": "external",
"summary": "2155292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155292"
},
{
"category": "external",
"summary": "2155295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155295"
},
{
"category": "external",
"summary": "2169924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169924"
},
{
"category": "external",
"summary": "2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "2172298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172298"
},
{
"category": "external",
"summary": "2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "2182182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182182"
},
{
"category": "external",
"summary": "2182183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182183"
},
{
"category": "external",
"summary": "2182188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182188"
},
{
"category": "external",
"summary": "2182198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182198"
},
{
"category": "external",
"summary": "2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "2187742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187742"
},
{
"category": "external",
"summary": "2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2100.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update",
"tracking": {
"current_release_date": "2026-04-01T18:45:42+00:00",
"generator": {
"date": "2026-04-01T18:45:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:2100",
"initial_release_date": "2023-05-03T14:05:29+00:00",
"revision_history": [
{
"date": "2023-05-03T14:05:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-03T14:05:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:45:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Camel-Springboot 3.20.1",
"product": {
"name": "RHINT Camel-Springboot 3.20.1",
"product_id": "RHINT Camel-Springboot 3.20.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_spring_boot:3.20.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37533",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169924"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Net\u0027s FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about services running on the private network of the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-net: FTP client trusts the host from PASV response by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37533"
},
{
"category": "external",
"summary": "RHBZ#2169924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169924"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37533"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-net: FTP client trusts the host from PASV response by default"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31777",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145264"
}
],
"notes": [
{
"category": "description",
"text": "A stored cross-site scripting (XSS) flaw was found in Apache Spark. This issue allows an attacker to execute arbitrary JavaScript in the web browser of a user, including a malicious payload into the logs which are returned in logs rendered in the UI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-spark: XSS vulnerability in log viewer UI Javascript",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31777"
},
{
"category": "external",
"summary": "RHBZ#2145264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145264"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31777"
}
],
"release_date": "2022-11-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-spark: XSS vulnerability in log viewer UI Javascript"
},
{
"cve": "CVE-2022-33681",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Pulsar Java Client. This flaw allows an attacker to use a Man-in-the-Middle (MITM) attack, manipulating network traffic and gaining the client\u0027s authentication data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33681"
},
{
"category": "external",
"summary": "RHBZ#2136207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33681",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33681"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM"
},
{
"cve": "CVE-2022-37865",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182188"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious used to have unwanted access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-ivy: Directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although the CVSS states High according to NIST, due to the nature of this flaw, considering it\u0027s an optional attribute and there must be restrictions in other layers to prevent attacks, this flaw is taken as a Moderate following the Medium impact from Apache.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37865"
},
{
"category": "external",
"summary": "RHBZ#2182188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182188"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37865"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37865",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37865"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/gqvvv7qsm2dfjg6xzsw1s2h08tbr0sdy",
"url": "https://lists.apache.org/thread/gqvvv7qsm2dfjg6xzsw1s2h08tbr0sdy"
}
],
"release_date": "2022-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-ivy: Directory Traversal"
},
{
"cve": "CVE-2022-37866",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150011"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Ivy. This may allow an attacker to place artifacts inside and outside of Ivy\u0027s repository and overwrite artifacts that the user will use later.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Ivy: Ivy Path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37866"
},
{
"category": "external",
"summary": "RHBZ#2150011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150011"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37866"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37866",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37866"
}
],
"release_date": "2022-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Ivy: Ivy Path traversal"
},
{
"cve": "CVE-2022-38398",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155292"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38398"
},
{
"category": "external",
"summary": "RHBZ#2155292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38398",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38398"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38398",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38398"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903462",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903462"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1331",
"url": "https://issues.apache.org/jira/browse/BATIK-1331"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/712c9xwtmyghyokzrm2ml6sps4xlmbsx",
"url": "https://lists.apache.org/thread/712c9xwtmyghyokzrm2ml6sps4xlmbsx"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery"
},
{
"cve": "CVE-2022-38648",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155295"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38648"
},
{
"category": "external",
"summary": "RHBZ#2155295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38648"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903625",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903625"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1333",
"url": "https://issues.apache.org/jira/browse/BATIK-1333"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/gfsktxvj7jtwyovmhhbrw0bs13wfjd7b",
"url": "https://lists.apache.org/thread/gfsktxvj7jtwyovmhhbrw0bs13wfjd7b"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-39368",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145205"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Californium Scandium package. This issue occurs when failing handshakes don\u0027t clean up counters for throttling, causing the threshold to be reached without being released again, resulting in a denial of service. An attacker could submit a high quantity of server requests, leaving the server unable to respond.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "scandium: Failing DTLS handshakes may cause throttling to block processing of records",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-39368"
},
{
"category": "external",
"summary": "RHBZ#2145205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-39368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39368"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39368",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39368"
},
{
"category": "external",
"summary": "https://github.com/eclipse-californium/californium/security/advisories/GHSA-p72g-cgh9-ghjgc",
"url": "https://github.com/eclipse-californium/californium/security/advisories/GHSA-p72g-cgh9-ghjgc"
}
],
"release_date": "2022-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "scandium: Failing DTLS handshakes may cause throttling to block processing of records"
},
{
"cve": "CVE-2022-40146",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155291"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery (SSRF) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40146"
},
{
"category": "external",
"summary": "RHBZ#2155291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40146",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40146"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903910",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903910"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1335",
"url": "https://issues.apache.org/jira/browse/BATIK-1335"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/hxtddqjty2sbs12y97c8g7xfh17jzxsx",
"url": "https://lists.apache.org/thread/hxtddqjty2sbs12y97c8g7xfh17jzxsx"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery (SSRF) vulnerability"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40151",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134292"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40151"
},
{
"category": "external",
"summary": "RHBZ#2134292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40151",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40156",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134288"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40156"
},
{
"category": "external",
"summary": "RHBZ#2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-41704",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Batik.\u00a0This issue may allow a malicious user to run untrusted Java code from an SVG.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Apache XML Graphics Batik vulnerable to code execution via SVG",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41704"
},
{
"category": "external",
"summary": "RHBZ#2182182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41704"
}
],
"release_date": "2022-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Apache XML Graphics Batik vulnerable to code execution via SVG"
},
{
"cve": "CVE-2022-41852",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136128"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Commons JXPath package. This flaw allows an attacker to use the interpreter to execute untrusted expressions and a remote code attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JXPath: untrusted XPath expressions may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41852"
},
{
"category": "external",
"summary": "RHBZ#2136128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41852"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JXPath: untrusted XPath expressions may lead to RCE attack"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-41966",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 ships an affected version of XStream. No endpoint in any flavor of Fuse is accepting by default an unverified input stream passed directly to XStream unmarshaller. Documentation always recommend all the endpoints (TCP/UDP/HTTP(S)/other listeners) to have at least one layer of authentication/authorization and Fuse in general itself in particular has a lot of mechanisms to protect the endpoints.\n\nRed Hat Single Sign-On contains XStream as a transitive dependency from Infinispan and the same is not affected as NO_REFERENCE is in use.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41966"
},
{
"category": "external",
"summary": "RHBZ#2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv"
}
],
"release_date": "2022-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42890",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182183"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Batik of Apache XML Graphics. This issue may allow a malicious user to run Java code from untrusted SVG via JavaScript.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Untrusted code execution in Apache XML Graphics Batik",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42890"
},
{
"category": "external",
"summary": "RHBZ#2182183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182183"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42890"
}
],
"release_date": "2022-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Untrusted code execution in Apache XML Graphics Batik"
},
{
"cve": "CVE-2023-1370",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-04-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2188542"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1370"
},
{
"category": "external",
"summary": "RHBZ#2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
"url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
"url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
},
{
"cve": "CVE-2023-1436",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-03-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: Uncontrolled Recursion in JSONArray",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1436"
},
{
"category": "external",
"summary": "RHBZ#2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/",
"url": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: Uncontrolled Recursion in JSONArray"
},
{
"cve": "CVE-2023-20860",
"cwe": {
"id": "CWE-155",
"name": "Improper Neutralization of Wildcards or Matching Symbols"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20860"
},
{
"category": "external",
"summary": "RHBZ#2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern"
},
{
"cve": "CVE-2023-20861",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20861"
},
{
"category": "external",
"summary": "RHBZ#2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-20863",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187742"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. Certain versions of Spring Framework\u0027s Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20863"
},
{
"category": "external",
"summary": "RHBZ#2187742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187742"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20863"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2023-20863",
"url": "https://spring.io/security/cve-2023-20863"
}
],
"release_date": "2023-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-22602",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182198"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Shiro. This issue may allow a malicious user to send a specially crafted HTTP request that could cause an authentication bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shiro: Authentication bypass through a specially crafted HTTP request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22602"
},
{
"category": "external",
"summary": "RHBZ#2182198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182198"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22602"
}
],
"release_date": "2023-01-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "shiro: Authentication bypass through a specially crafted HTTP request"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172298"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service.\r\n\r\nWhile Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "FileUpload: FileUpload DoS with excessive parts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24998"
},
{
"category": "external",
"summary": "RHBZ#2172298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5",
"url": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5"
}
],
"release_date": "2023-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "FileUpload: FileUpload DoS with excessive parts"
}
]
}
RHSA-2022:6835
Vulnerability from csaf_redhat - Published: 2022-10-06 12:26 - Updated: 2026-04-01 18:38Summary
Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]
Severity
Important
Notes
Topic: An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.
Security Fix(es):
* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)
* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)
* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)
* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)
* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)
* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)
* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)
* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)
* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)
* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)
* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)
* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)
* graphql-java: DoS by malicious query (CVE-2022-37734)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in cron-utils. This flaw allows an attacker to perform unauthenticated Remote Code Execution (RCE) via Java Expression Language (EL) injection.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as "Authorization," "WWW-Authenticate," and "Cookie" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.
7.0 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6835
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
Sanne Grinovero
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes.\n\nSecurity Fix(es):\n\n* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)\n\n* prismjs: improperly escaped output allows a XSS (CVE-2022-23647)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections (CVE-2022-25857)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)\n\n* quarkus-jdbc-postgresql-deployment: jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* jdbc-postgresql: postgresql-jdbc: Arbitrary File Write Vulnerability (CVE-2022-26520)\n\n* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)\n\n* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)\n\n* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)\n\n* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)\n\n* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6835",
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "2024632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024632"
},
{
"category": "external",
"summary": "2039903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
},
{
"category": "external",
"summary": "2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "2050863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
},
{
"category": "external",
"summary": "2053259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
},
{
"category": "external",
"summary": "2056643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056643"
},
{
"category": "external",
"summary": "2062520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062520"
},
{
"category": "external",
"summary": "2064007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064007"
},
{
"category": "external",
"summary": "2067387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067387"
},
{
"category": "external",
"summary": "2067458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067458"
},
{
"category": "external",
"summary": "2067461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067461"
},
{
"category": "external",
"summary": "2080850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080850"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2126277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126277"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6835.json"
}
],
"title": "Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]",
"tracking": {
"current_release_date": "2026-04-01T18:38:09+00:00",
"generator": {
"date": "2026-04-01T18:38:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:6835",
"initial_release_date": "2022-10-06T12:26:20+00:00",
"revision_history": [
{
"date": "2022-10-06T12:26:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-06T12:26:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:38:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Service Registry 2.3.0 GA",
"product": {
"name": "RHINT Service Registry 2.3.0 GA",
"product_id": "RHINT Service Registry 2.3.0 GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_registry:2.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22569",
"cwe": {
"id": "CWE-696",
"name": "Incorrect Behavior Order"
},
"discovery_date": "2022-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2039903"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in protobuf-java. Google Protocol Buffer (protobuf-java) allows the interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open specially-crafted content, a remote attacker could cause a timeout in the ProtobufFuzzer function, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: potential DoS in the parsing procedure for binary data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-22569"
},
{
"category": "external",
"summary": "RHBZ#2039903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039903"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b",
"url": "https://github.com/protocolbuffers/protobuf/commit/b3093dce58bc9d3042f085666d83c8ef1f51fe7b"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-wrvw-hg22-4m67"
}
],
"release_date": "2022-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: potential DoS in the parsing procedure for binary data"
},
{
"cve": "CVE-2021-37136",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37136"
},
{
"category": "external",
"summary": "RHBZ#2004133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data"
},
{
"cve": "CVE-2021-37137",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2004135"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37137"
},
{
"category": "external",
"summary": "RHBZ#2004135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
}
],
"release_date": "2021-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way"
},
{
"cve": "CVE-2021-41269",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in cron-utils. This flaw allows an attacker to perform unauthenticated Remote Code Execution (RCE) via Java Expression Language (EL) injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cron-utils: template Injection leading to unauthenticated Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Only projects using the @Cron annotation to validate untrusted Cron expressions are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41269"
},
{
"category": "external",
"summary": "RHBZ#2024632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41269",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41269"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41269",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41269"
}
],
"release_date": "2021-11-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cron-utils: template Injection leading to unauthenticated Remote Code Execution"
},
{
"cve": "CVE-2022-0235",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2022-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044591"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-fetch: exposure of sensitive information to an unauthorized actor",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0235"
},
{
"category": "external",
"summary": "RHBZ#2044591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",
"url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/"
}
],
"release_date": "2022-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "node-fetch: exposure of sensitive information to an unauthorized actor"
},
{
"cve": "CVE-2022-0536",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"discovery_date": "2022-02-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053259"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0536"
},
{
"category": "external",
"summary": "RHBZ#2053259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536"
}
],
"release_date": "2022-02-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak"
},
{
"acknowledgments": [
{
"names": [
"Sanne Grinovero"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2022-0981",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2022-02-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2062520"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio. Please see https://developers.redhat.com/articles/2022/04/18/announcement-red-hat-codeready-studio-reaches-end-life for more information.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-0981"
},
{
"category": "external",
"summary": "RHBZ#2062520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062520"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-0981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0981"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/issues/23269",
"url": "https://github.com/quarkusio/quarkus/issues/23269"
}
],
"release_date": "2022-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus"
},
{
"cve": "CVE-2022-21724",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2022-02-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050863"
}
],
"notes": [
{
"category": "description",
"text": "pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "According to the patch upstream the scoring of this issue has been severely reduced and is no longer considered an RCE. Therefore, the flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6, 7 and 8.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21724"
},
{
"category": "external",
"summary": "RHBZ#2050863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21724"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4",
"url": "https://github.com/advisories/GHSA-v7wg-cpwc-24m4"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes"
},
{
"cve": "CVE-2022-23647",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-02-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2056643"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting attack was found in Prism. The command-line plugin did not properly escape its output. This issue leads to the input text being inserted into the Document Object Model (DOM) as HTML code, which can be exploited by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "prismjs: improperly escaped output allows a XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Prism as shipped with all versions of Red Hat Ceph Storage, Red Hat Migration Toolkit for Virtualization, Red Hat OpenShift Container Platform, Red Hat OpenShift Service Mesh, Red Hat Advanced Cluster Security, and Red Hat Gluster Storage. However, this flaw is not known to be exploitable under any supported scenario, as websites that do not use the Command Line plugin are also not impacted. The above products do not use the Command Line plugin, thus, are marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23647"
},
{
"category": "external",
"summary": "RHBZ#2056643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23647"
},
{
"category": "external",
"summary": "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99",
"url": "https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99"
}
],
"release_date": "2022-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "prismjs: improperly escaped output allows a XSS"
},
{
"cve": "CVE-2022-24771",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2022-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2067387"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects the DigestAlgorithm structure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24771"
},
{
"category": "external",
"summary": "RHBZ#2067387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067387"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24771"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765"
}
],
"release_date": "2022-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery"
},
{
"cve": "CVE-2022-24772",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2022-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2067458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects the DigestInfo ASN.1 structure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24772"
},
{
"category": "external",
"summary": "RHBZ#2067458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24772"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g"
}
],
"release_date": "2022-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery"
},
{
"cve": "CVE-2022-24773",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2022-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2067461"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Signature verification leniency in checking `DigestInfo` structure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24773"
},
{
"category": "external",
"summary": "RHBZ#2067461",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067461"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24773"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr"
}
],
"release_date": "2022-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: Signature verification leniency in checking `DigestInfo` structure"
},
{
"cve": "CVE-2022-25647",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2080850"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25647"
},
{
"category": "external",
"summary": "RHBZ#2080850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080850"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25647"
}
],
"release_date": "2022-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-25858",
"discovery_date": "2022-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126277"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "terser: insecure use of regular expressions leads to ReDoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Do (odo) product terser is shipped only for using in static page generators for upstream, thus this represents no security risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25858"
},
{
"category": "external",
"summary": "RHBZ#2126277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126277"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25858",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25858"
}
],
"release_date": "2022-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "terser: insecure use of regular expressions leads to ReDoS"
},
{
"cve": "CVE-2022-26520",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2022-03-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064007"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql-jdbc: Arbitrary File Write Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat informs that although there\u0027s a difference from NVD CVSSv3 score there\u0027s a especial occasion in this CVE that maintain it as a moderate. The scenario for an attacker to get a benefit in this situation requires them to have access to modify a configuration file and write a file where it\u0027s needed. This require non-default configuration and also it\u0027s not expected to allow an untrusted user to perform this kind of setting.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26520"
},
{
"category": "external",
"summary": "RHBZ#2064007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064007"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26520"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26520",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26520"
}
],
"release_date": "2022-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql-jdbc: Arbitrary File Write Vulnerability"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37734",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql-java: DoS by malicious query",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Service Registry 2.3.0 GA"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37734"
},
{
"category": "external",
"summary": "RHBZ#2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-06T12:26:20+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Service Registry 2.3.0 GA"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6835"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Service Registry 2.3.0 GA"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "graphql-java: DoS by malicious query"
}
]
}
RHSA-2022_8876
Vulnerability from csaf_redhat - Published: 2022-12-07 08:19 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat AMQ Broker 7.10.2 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Broker 7.10.2 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.
This release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections
* (CVE-2022-42003) jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* (CVE-2022-42004) jackson-databind: use of deeply nested arrays
* (CVE-2022-42889) apache-commons-text: variable interpolation RCE
* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode
* (CVE-2022-38750) snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject
* (CVE-2022-38751) snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.
The References section of this erratum contains a download link (you must log in to download the update).
https://access.redhat.com/errata/RHSA-2022:8876
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Broker 7.10.2 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.\n\nThis release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections\n* (CVE-2022-42003) jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n* (CVE-2022-42004) jackson-databind: use of deeply nested arrays\n* (CVE-2022-42889) apache-commons-text: variable interpolation RCE\n* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode\n* (CVE-2022-38750) snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject\n* (CVE-2022-38751) snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8876",
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.10.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.10.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8876.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.10.2 release and security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:38+00:00",
"generator": {
"date": "2024-12-16T16:05:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:8876",
"initial_release_date": "2022-12-07T08:19:44+00:00",
"revision_history": [
{
"date": "2022-12-07T08:19:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-07T08:19:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Broker 7",
"product": {
"name": "Red Hat AMQ Broker 7",
"product_id": "Red Hat AMQ Broker 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_broker:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat AMQ Broker 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2024:0776
Vulnerability from csaf_redhat - Published: 2024-02-12 10:26 - Updated: 2026-04-01 19:03Summary
Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
Severity
Important
Notes
Topic: An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* maven: Block repositories using http by default (CVE-2021-26291)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)
* jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)
* jenkins: cross-site WebSocket hijacking (CVE-2024-23898)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
Workaround
To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain administrator access to Jenkins.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the "@" character followed by a file path in an argument with the file’s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
Workaround
Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.
A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* maven: Block repositories using http by default (CVE-2021-26291)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)\n\n* jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)\n\n* jenkins: cross-site WebSocket hijacking (CVE-2024-23898)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0776",
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2222709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222709"
},
{
"category": "external",
"summary": "2260180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260180"
},
{
"category": "external",
"summary": "2260182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260182"
},
{
"category": "external",
"summary": "JKNS-271",
"url": "https://issues.redhat.com/browse/JKNS-271"
},
{
"category": "external",
"summary": "JKNS-289",
"url": "https://issues.redhat.com/browse/JKNS-289"
},
{
"category": "external",
"summary": "OCPBUGS-10934",
"url": "https://issues.redhat.com/browse/OCPBUGS-10934"
},
{
"category": "external",
"summary": "OCPBUGS-11158",
"url": "https://issues.redhat.com/browse/OCPBUGS-11158"
},
{
"category": "external",
"summary": "OCPBUGS-11329",
"url": "https://issues.redhat.com/browse/OCPBUGS-11329"
},
{
"category": "external",
"summary": "OCPBUGS-11446",
"url": "https://issues.redhat.com/browse/OCPBUGS-11446"
},
{
"category": "external",
"summary": "OCPBUGS-11452",
"url": "https://issues.redhat.com/browse/OCPBUGS-11452"
},
{
"category": "external",
"summary": "OCPBUGS-1357",
"url": "https://issues.redhat.com/browse/OCPBUGS-1357"
},
{
"category": "external",
"summary": "OCPBUGS-13651",
"url": "https://issues.redhat.com/browse/OCPBUGS-13651"
},
{
"category": "external",
"summary": "OCPBUGS-13870",
"url": "https://issues.redhat.com/browse/OCPBUGS-13870"
},
{
"category": "external",
"summary": "OCPBUGS-14112",
"url": "https://issues.redhat.com/browse/OCPBUGS-14112"
},
{
"category": "external",
"summary": "OCPBUGS-14311",
"url": "https://issues.redhat.com/browse/OCPBUGS-14311"
},
{
"category": "external",
"summary": "OCPBUGS-14634",
"url": "https://issues.redhat.com/browse/OCPBUGS-14634"
},
{
"category": "external",
"summary": "OCPBUGS-15647",
"url": "https://issues.redhat.com/browse/OCPBUGS-15647"
},
{
"category": "external",
"summary": "OCPBUGS-15986",
"url": "https://issues.redhat.com/browse/OCPBUGS-15986"
},
{
"category": "external",
"summary": "OCPBUGS-1709",
"url": "https://issues.redhat.com/browse/OCPBUGS-1709"
},
{
"category": "external",
"summary": "OCPBUGS-1942",
"url": "https://issues.redhat.com/browse/OCPBUGS-1942"
},
{
"category": "external",
"summary": "OCPBUGS-2099",
"url": "https://issues.redhat.com/browse/OCPBUGS-2099"
},
{
"category": "external",
"summary": "OCPBUGS-2184",
"url": "https://issues.redhat.com/browse/OCPBUGS-2184"
},
{
"category": "external",
"summary": "OCPBUGS-2318",
"url": "https://issues.redhat.com/browse/OCPBUGS-2318"
},
{
"category": "external",
"summary": "OCPBUGS-27389",
"url": "https://issues.redhat.com/browse/OCPBUGS-27389"
},
{
"category": "external",
"summary": "OCPBUGS-655",
"url": "https://issues.redhat.com/browse/OCPBUGS-655"
},
{
"category": "external",
"summary": "OCPBUGS-6579",
"url": "https://issues.redhat.com/browse/OCPBUGS-6579"
},
{
"category": "external",
"summary": "OCPBUGS-6870",
"url": "https://issues.redhat.com/browse/OCPBUGS-6870"
},
{
"category": "external",
"summary": "OCPBUGS-710",
"url": "https://issues.redhat.com/browse/OCPBUGS-710"
},
{
"category": "external",
"summary": "OCPBUGS-8377",
"url": "https://issues.redhat.com/browse/OCPBUGS-8377"
},
{
"category": "external",
"summary": "OCPBUGS-8442",
"url": "https://issues.redhat.com/browse/OCPBUGS-8442"
},
{
"category": "external",
"summary": "OCPTOOLS-245",
"url": "https://issues.redhat.com/browse/OCPTOOLS-245"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0776.json"
}
],
"title": "Red Hat Security Advisory: jenkins and jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2026-04-01T19:03:41+00:00",
"generator": {
"date": "2026-04-01T19:03:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2024:0776",
"initial_release_date": "2024-02-12T10:26:48+00:00",
"revision_history": [
{
"date": "2024-02-12T10:26:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T10:26:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T19:03:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.13",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.13::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706516254-3.el8.src",
"product": {
"name": "jenkins-0:2.426.3.1706516254-3.el8.src",
"product_id": "jenkins-0:2.426.3.1706516254-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706516254-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.13.1706516346-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706516254-3.el8.noarch",
"product": {
"name": "jenkins-0:2.426.3.1706516254-3.el8.noarch",
"product_id": "jenkins-0:2.426.3.1706516254-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706516254-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.13.1706516346-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706516254-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch"
},
"product_reference": "jenkins-0:2.426.3.1706516254-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706516254-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
},
"product_reference": "jenkins-0:2.426.3.1706516254-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26291",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in maven. Repositories that are defined in a dependency\u2019s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven: Block repositories using http by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26291"
},
{
"category": "external",
"summary": "RHBZ#1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26291",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291"
},
{
"category": "external",
"summary": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291",
"url": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291"
}
],
"release_date": "2021-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
},
{
"category": "workaround",
"details": "To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "maven: Block repositories using http by default"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-37946",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain administrator access to Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Session fixation vulnerability in OpenShift Login Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37946"
},
{
"category": "external",
"summary": "RHBZ#2222709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37946"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998",
"url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Jenkins: Session fixation vulnerability in OpenShift Login Plugin"
},
{
"cve": "CVE-2024-23897",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2024-01-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2260180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the \"@\" character followed by a file path in an argument with the file\u2019s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23897"
},
{
"category": "external",
"summary": "RHBZ#2260180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23897"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314",
"url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
},
{
"category": "workaround",
"details": "Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-08-19T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE"
},
{
"cve": "CVE-2024-23898",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-01-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2260182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: cross-site WebSocket hijacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23898"
},
{
"category": "external",
"summary": "RHBZ#2260182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23898"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315",
"url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: cross-site WebSocket hijacking"
}
]
}
RHSA-2024:0778
Vulnerability from csaf_redhat - Published: 2024-02-12 10:38 - Updated: 2026-04-01 18:42Summary
Red Hat Security Advisory: Jenkins and Jenkins-2-plugins security update
Severity
Important
Notes
Topic: An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)
* maven: Block repositories using http by default (CVE-2021-26291)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)
* jenkins: cross-site WebSocket hijacking (CVE-2024-23898)
* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)
* guava: insecure temporary directory creation (CVE-2023-2976)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)
* spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout (CVE-2023-20862)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)
* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
* Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)
* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)
* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)
* jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)
* jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin (CVE-2023-40339)
* jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials (CVE-2023-40341)
* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)
* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
Workaround
To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.
A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
Workaround
Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.
A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Spring Security. In affected versions of Spring Security, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout.
6.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin allow attackers to copy a view inside a folder.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Config File Provider Jenkins Plugin. Affected versions of this plugin do not mask (replace with asterisks) credentials specified in configuration files when they're written to the build log.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the "@" character followed by a file path in an argument with the file’s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
Workaround
Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.
A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)\n\n* maven: Block repositories using http by default (CVE-2021-26291)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)\n\n* jenkins: cross-site WebSocket hijacking (CVE-2024-23898)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)\n\n* spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout (CVE-2023-20862)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)\n\n* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)\n\n* Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)\n\n* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)\n\n* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)\n\n* jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)\n\n* jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin (CVE-2023-40339)\n\n* jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials (CVE-2023-40341)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0778",
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2107376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "2222710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222710"
},
{
"category": "external",
"summary": "2227788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227788"
},
{
"category": "external",
"summary": "2232422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232422"
},
{
"category": "external",
"summary": "2232423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232423"
},
{
"category": "external",
"summary": "2232425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232425"
},
{
"category": "external",
"summary": "2232426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232426"
},
{
"category": "external",
"summary": "2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "2260180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260180"
},
{
"category": "external",
"summary": "2260182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260182"
},
{
"category": "external",
"summary": "JKNS-271",
"url": "https://issues.redhat.com/browse/JKNS-271"
},
{
"category": "external",
"summary": "JKNS-289",
"url": "https://issues.redhat.com/browse/JKNS-289"
},
{
"category": "external",
"summary": "OCPBUGS-10976",
"url": "https://issues.redhat.com/browse/OCPBUGS-10976"
},
{
"category": "external",
"summary": "OCPBUGS-11158",
"url": "https://issues.redhat.com/browse/OCPBUGS-11158"
},
{
"category": "external",
"summary": "OCPBUGS-11348",
"url": "https://issues.redhat.com/browse/OCPBUGS-11348"
},
{
"category": "external",
"summary": "OCPBUGS-1357",
"url": "https://issues.redhat.com/browse/OCPBUGS-1357"
},
{
"category": "external",
"summary": "OCPBUGS-13652",
"url": "https://issues.redhat.com/browse/OCPBUGS-13652"
},
{
"category": "external",
"summary": "OCPBUGS-13901",
"url": "https://issues.redhat.com/browse/OCPBUGS-13901"
},
{
"category": "external",
"summary": "OCPBUGS-14113",
"url": "https://issues.redhat.com/browse/OCPBUGS-14113"
},
{
"category": "external",
"summary": "OCPBUGS-14393",
"url": "https://issues.redhat.com/browse/OCPBUGS-14393"
},
{
"category": "external",
"summary": "OCPBUGS-14642",
"url": "https://issues.redhat.com/browse/OCPBUGS-14642"
},
{
"category": "external",
"summary": "OCPBUGS-15648",
"url": "https://issues.redhat.com/browse/OCPBUGS-15648"
},
{
"category": "external",
"summary": "OCPBUGS-1709",
"url": "https://issues.redhat.com/browse/OCPBUGS-1709"
},
{
"category": "external",
"summary": "OCPBUGS-1942",
"url": "https://issues.redhat.com/browse/OCPBUGS-1942"
},
{
"category": "external",
"summary": "OCPBUGS-2099",
"url": "https://issues.redhat.com/browse/OCPBUGS-2099"
},
{
"category": "external",
"summary": "OCPBUGS-2184",
"url": "https://issues.redhat.com/browse/OCPBUGS-2184"
},
{
"category": "external",
"summary": "OCPBUGS-2318",
"url": "https://issues.redhat.com/browse/OCPBUGS-2318"
},
{
"category": "external",
"summary": "OCPBUGS-27391",
"url": "https://issues.redhat.com/browse/OCPBUGS-27391"
},
{
"category": "external",
"summary": "OCPBUGS-3692",
"url": "https://issues.redhat.com/browse/OCPBUGS-3692"
},
{
"category": "external",
"summary": "OCPBUGS-4819",
"url": "https://issues.redhat.com/browse/OCPBUGS-4819"
},
{
"category": "external",
"summary": "OCPBUGS-4833",
"url": "https://issues.redhat.com/browse/OCPBUGS-4833"
},
{
"category": "external",
"summary": "OCPBUGS-655",
"url": "https://issues.redhat.com/browse/OCPBUGS-655"
},
{
"category": "external",
"summary": "OCPBUGS-6632",
"url": "https://issues.redhat.com/browse/OCPBUGS-6632"
},
{
"category": "external",
"summary": "OCPBUGS-6982",
"url": "https://issues.redhat.com/browse/OCPBUGS-6982"
},
{
"category": "external",
"summary": "OCPBUGS-7016",
"url": "https://issues.redhat.com/browse/OCPBUGS-7016"
},
{
"category": "external",
"summary": "OCPBUGS-7050",
"url": "https://issues.redhat.com/browse/OCPBUGS-7050"
},
{
"category": "external",
"summary": "OCPBUGS-710",
"url": "https://issues.redhat.com/browse/OCPBUGS-710"
},
{
"category": "external",
"summary": "OCPBUGS-8420",
"url": "https://issues.redhat.com/browse/OCPBUGS-8420"
},
{
"category": "external",
"summary": "OCPBUGS-8497",
"url": "https://issues.redhat.com/browse/OCPBUGS-8497"
},
{
"category": "external",
"summary": "OCPTOOLS-246",
"url": "https://issues.redhat.com/browse/OCPTOOLS-246"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0778.json"
}
],
"title": "Red Hat Security Advisory: Jenkins and Jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2026-04-01T18:42:06+00:00",
"generator": {
"date": "2026-04-01T18:42:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2024:0778",
"initial_release_date": "2024-02-12T10:38:58+00:00",
"revision_history": [
{
"date": "2024-02-12T10:38:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T10:38:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:42:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.12",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.12::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706515686-3.el8.src",
"product": {
"name": "jenkins-0:2.426.3.1706515686-3.el8.src",
"product_id": "jenkins-0:2.426.3.1706515686-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706515686-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.12.1706515741-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706515686-3.el8.noarch",
"product": {
"name": "jenkins-0:2.426.3.1706515686-3.el8.noarch",
"product_id": "jenkins-0:2.426.3.1706515686-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706515686-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.12.1706515741-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706515686-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch"
},
"product_reference": "jenkins-0:2.426.3.1706515686-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706515686-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
},
"product_reference": "jenkins-0:2.426.3.1706515686-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7692",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2020-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856376"
}
],
"notes": [
{
"category": "description",
"text": "PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7692"
},
{
"category": "external",
"summary": "RHBZ#1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7692"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692"
}
],
"release_date": "2020-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization"
},
{
"cve": "CVE-2021-26291",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in maven. Repositories that are defined in a dependency\u2019s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven: Block repositories using http by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26291"
},
{
"category": "external",
"summary": "RHBZ#1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26291",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291"
},
{
"category": "external",
"summary": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291",
"url": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291"
}
],
"release_date": "2021-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "workaround",
"details": "To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "maven: Block repositories using http by default"
},
{
"cve": "CVE-2022-1962",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: go/parser: stack exhaustion in all Parse* functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1962"
},
{
"category": "external",
"summary": "RHBZ#2107376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1962",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1962"
},
{
"category": "external",
"summary": "https://go.dev/issue/53616",
"url": "https://go.dev/issue/53616"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: go/parser: stack exhaustion in all Parse* functions"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215229"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: insecure temporary directory creation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2976"
},
{
"category": "external",
"summary": "RHBZ#2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "workaround",
"details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: insecure temporary directory creation"
},
{
"cve": "CVE-2023-20861",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20861"
},
{
"category": "external",
"summary": "RHBZ#2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-20862",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2023-07-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2227788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Security. In affected versions of Spring Security, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20862"
},
{
"category": "external",
"summary": "RHBZ#2227788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20862"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20862",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20862"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2023-20862",
"url": "https://spring.io/security/cve-2023-20862"
}
],
"release_date": "2023-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-26048",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26048"
},
{
"category": "external",
"summary": "RHBZ#2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()"
},
{
"cve": "CVE-2023-26049",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26049"
},
{
"category": "external",
"summary": "RHBZ#2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies"
},
{
"cve": "CVE-2023-27903",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI\u2019s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary file parameter created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27903"
},
{
"category": "external",
"summary": "RHBZ#2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Temporary file parameter created with insecure permissions"
},
{
"cve": "CVE-2023-27904",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Information disclosure through error stack traces related to agents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27904"
},
{
"category": "external",
"summary": "RHBZ#2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Information disclosure through error stack traces related to agents"
},
{
"cve": "CVE-2023-37947",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Open redirect vulnerability in OpenShift Login Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37947"
},
{
"category": "external",
"summary": "RHBZ#2222710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37947",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37947"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37947",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37947"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999",
"url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Jenkins: Open redirect vulnerability in OpenShift Login Plugin"
},
{
"cve": "CVE-2023-40167",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper validation of HTTP/1 content-length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40167"
},
{
"category": "external",
"summary": "RHBZ#2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: Improper validation of HTTP/1 content-length"
},
{
"cve": "CVE-2023-40337",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232425"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin allow attackers to copy a view inside a folder.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40337"
},
{
"category": "external",
"summary": "RHBZ#2232425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232425"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40337",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40337"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin"
},
{
"cve": "CVE-2023-40338",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40338"
},
{
"category": "external",
"summary": "RHBZ#2232426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40338"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin"
},
{
"cve": "CVE-2023-40339",
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Config File Provider Jenkins Plugin. Affected versions of this plugin do not mask (replace with asterisks) credentials specified in configuration files when they\u0027re written to the build log.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40339"
},
{
"category": "external",
"summary": "RHBZ#2232423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40339",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40339"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40339",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40339"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin"
},
{
"cve": "CVE-2023-40341",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232422"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40341"
},
{
"category": "external",
"summary": "RHBZ#2232422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40341"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials"
},
{
"cve": "CVE-2024-23897",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2024-01-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2260180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the \"@\" character followed by a file path in an argument with the file\u2019s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23897"
},
{
"category": "external",
"summary": "RHBZ#2260180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23897"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314",
"url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "workaround",
"details": "Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-08-19T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE"
},
{
"cve": "CVE-2024-23898",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-01-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2260182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: cross-site WebSocket hijacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23898"
},
{
"category": "external",
"summary": "RHBZ#2260182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23898"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315",
"url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: cross-site WebSocket hijacking"
}
]
}
RHSA-2023:1044
Vulnerability from csaf_redhat - Published: 2023-03-01 21:45 - Updated: 2026-04-01 18:42Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8
Severity
Important
Notes
Topic: New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in jQuery. HTML containing \<option\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
CWE-20 - Improper Input Validation
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.
4.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1044
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
usd AG
Marcus Nilsson
SISOFT s.c.
Grzegorz Tworek
Trifork
Peter Flintholm
https://github.com/souravs17031999
Sourav Kumar
A1 Digital
Jordi Zayuelas i Muñoz
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1044",
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1044.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8",
"tracking": {
"current_release_date": "2026-04-01T18:42:57+00:00",
"generator": {
"date": "2026-04-01T18:42:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:1044",
"initial_release_date": "2023-03-01T21:45:12+00:00",
"revision_history": [
{
"date": "2023-03-01T21:45:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:45:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:42:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el8sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el8sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el8sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"relates_to_product_reference": "8Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"relates_to_product_reference": "8Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 8",
"product_id": "8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"relates_to_product_reference": "8Base-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:12+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.noarch",
"8Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso.src",
"8Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el8sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2023:4983
Vulnerability from csaf_redhat - Published: 2023-09-05 18:37 - Updated: 2026-04-01 18:53Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which provides a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Details: Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This asynchronous security patch is an update to Red Hat Process Automation Manager 7.
Security Fixes:
* apache-bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* spring-boot: Spring Boot Welcome Page DoS Vulnerability (CVE-2023-20883)
* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)
* loader-utils: regular expression denial of service in interpolateName.js (CVE-2022-37599)
* protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
* sshd-core: mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server (CVE-2021-30129)
For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.
7.4 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Textformat in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
5.9 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in the interpolateName function in interpolateName.js in the webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. This flaw can lead to a regular expression denial of service (ReDoS).
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed behind a proxy that caches 404 responses. This issue may cause a denial of service (DoS) attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:4983
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which provides a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis asynchronous security patch is an update to Red Hat Process Automation Manager 7.\n\nSecurity Fixes:\n\n* apache-bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* spring-boot: Spring Boot Welcome Page DoS Vulnerability (CVE-2023-20883)\n\n* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)\n\n* loader-utils: regular expression denial of service in interpolateName.js (CVE-2022-37599)\n\n* protobuf-java: timeout in parser leads to DoS (CVE-2022-3171)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* RESTEasy: creation of insecure temp files (CVE-2023-0482)\n\n* sshd-core: mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server (CVE-2021-30129)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4983",
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1981527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981527"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2134872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134872"
},
{
"category": "external",
"summary": "2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "2142707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "2209342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209342"
},
{
"category": "external",
"summary": "RHPAM-4639",
"url": "https://issues.redhat.com/browse/RHPAM-4639"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4983.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security update",
"tracking": {
"current_release_date": "2026-04-01T18:53:29+00:00",
"generator": {
"date": "2026-04-01T18:53:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:4983",
"initial_release_date": "2023-09-05T18:37:03+00:00",
"revision_history": [
{
"date": "2023-09-05T18:37:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-09-05T18:37:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:53:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHPAM 7.13.4 async",
"product": {
"name": "RHPAM 7.13.4 async",
"product_id": "RHPAM 7.13.4 async",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-30129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1981527"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30129"
},
{
"category": "external",
"summary": "RHBZ#1981527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30129"
}
],
"release_date": "2021-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-3171",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2137645"
}
],
"notes": [
{
"category": "description",
"text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: timeout in parser leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3171"
},
{
"category": "external",
"summary": "RHBZ#2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: timeout in parser leads to DoS"
},
{
"cve": "CVE-2022-3509",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2022-12-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184161"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Textformat in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: Textformat parsing issue leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3509"
},
{
"category": "external",
"summary": "RHBZ#2184161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509"
}
],
"release_date": "2022-12-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: Textformat parsing issue leads to DoS"
},
{
"cve": "CVE-2022-3510",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2022-12-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Message-Type Extensions in protobuf-java core that can lead to a denial of service. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields can cause objects to convert between mutable and immutable forms, resulting in long garbage collection pauses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: Message-Type Extensions parsing issue leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3510"
},
{
"category": "external",
"summary": "RHBZ#2184176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510"
}
],
"release_date": "2022-12-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: Message-Type Extensions parsing issue leads to DoS"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-37599",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the interpolateName function in interpolateName.js in the webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. This flaw can lead to a regular expression denial of service (ReDoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: regular expression denial of service in interpolateName.js",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container and openshift-logging/logging-view-plugin-rhel8 bundles many nodejs packages as a build time dependencies, including loader-utils package. The vulnerable code is not used hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37599"
},
{
"category": "external",
"summary": "RHBZ#2134872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37599"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hhq3-ff78-jv3g",
"url": "https://github.com/advisories/GHSA-hhq3-ff78-jv3g"
},
{
"category": "external",
"summary": "https://github.com/webpack/loader-utils/issues/211",
"url": "https://github.com/webpack/loader-utils/issues/211"
}
],
"release_date": "2022-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"RHPAM 7.13.4 async"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: regular expression denial of service in interpolateName.js"
},
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170644"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "decode-uri-component: improper input validation resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38900"
},
{
"category": "external",
"summary": "RHBZ#2170644",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900"
},
{
"category": "external",
"summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5",
"url": "https://github.com/SamVerschueren/decode-uri-component/issues/5"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq",
"url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "decode-uri-component: improper input validation resulting in DoS"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-42920",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2142707"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42920"
},
{
"category": "external",
"summary": "RHBZ#2142707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42920",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4",
"url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"
}
],
"release_date": "2022-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"RHPAM 7.13.4 async"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2023-0482",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166004"
}
],
"notes": [
{
"category": "description",
"text": "In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: creation of insecure temp files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0482"
},
{
"category": "external",
"summary": "RHBZ#2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0482",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "RESTEasy: creation of insecure temp files"
},
{
"cve": "CVE-2023-20860",
"cwe": {
"id": "CWE-155",
"name": "Improper Neutralization of Wildcards or Matching Symbols"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20860"
},
{
"category": "external",
"summary": "RHBZ#2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern"
},
{
"cve": "CVE-2023-20861",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20861"
},
{
"category": "external",
"summary": "RHBZ#2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-20883",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2209342"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot\u0027s welcome page support, either static or templated, resulting in the application being deployed behind a proxy that caches 404 responses. This issue may cause a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-boot: Spring Boot Welcome Page DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20883"
},
{
"category": "external",
"summary": "RHBZ#2209342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20883"
}
],
"release_date": "2023-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spring-boot: Spring Boot Welcome Page DoS Vulnerability"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172298"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service.\r\n\r\nWhile Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "FileUpload: FileUpload DoS with excessive parts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.13.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24998"
},
{
"category": "external",
"summary": "RHBZ#2172298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5",
"url": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5"
}
],
"release_date": "2023-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-05T18:37:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHPAM 7.13.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.13.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "FileUpload: FileUpload DoS with excessive parts"
}
]
}
RHSA-2022_6823
Vulnerability from csaf_redhat - Published: 2022-10-05 16:35 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Large AJP request may cause DoS (CVE-2022-2053)
* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6823
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6823
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6823
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Large AJP request may cause DoS (CVE-2022-2053)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6823",
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "JBEAP-23620",
"url": "https://issues.redhat.com/browse/JBEAP-23620"
},
{
"category": "external",
"summary": "JBEAP-23687",
"url": "https://issues.redhat.com/browse/JBEAP-23687"
},
{
"category": "external",
"summary": "JBEAP-23738",
"url": "https://issues.redhat.com/browse/JBEAP-23738"
},
{
"category": "external",
"summary": "JBEAP-23741",
"url": "https://issues.redhat.com/browse/JBEAP-23741"
},
{
"category": "external",
"summary": "JBEAP-23753",
"url": "https://issues.redhat.com/browse/JBEAP-23753"
},
{
"category": "external",
"summary": "JBEAP-23772",
"url": "https://issues.redhat.com/browse/JBEAP-23772"
},
{
"category": "external",
"summary": "JBEAP-23794",
"url": "https://issues.redhat.com/browse/JBEAP-23794"
},
{
"category": "external",
"summary": "JBEAP-23802",
"url": "https://issues.redhat.com/browse/JBEAP-23802"
},
{
"category": "external",
"summary": "JBEAP-23803",
"url": "https://issues.redhat.com/browse/JBEAP-23803"
},
{
"category": "external",
"summary": "JBEAP-23805",
"url": "https://issues.redhat.com/browse/JBEAP-23805"
},
{
"category": "external",
"summary": "JBEAP-23816",
"url": "https://issues.redhat.com/browse/JBEAP-23816"
},
{
"category": "external",
"summary": "JBEAP-23818",
"url": "https://issues.redhat.com/browse/JBEAP-23818"
},
{
"category": "external",
"summary": "JBEAP-23869",
"url": "https://issues.redhat.com/browse/JBEAP-23869"
},
{
"category": "external",
"summary": "JBEAP-23881",
"url": "https://issues.redhat.com/browse/JBEAP-23881"
},
{
"category": "external",
"summary": "JBEAP-23912",
"url": "https://issues.redhat.com/browse/JBEAP-23912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:43+00:00",
"generator": {
"date": "2024-12-16T16:05:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6823",
"initial_release_date": "2022-10-05T16:35:58+00:00",
"revision_history": [
{
"date": "2022-10-05T16:35:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-05T16:35:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.13-1.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.4-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.14-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.28-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.28-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.3-3.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-10.redhat_00045.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-common@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.77-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.7-3.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.7-3.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-20.Final_redhat_00019.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-20.Final_redhat_00019.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.77-3.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:35:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:35:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:35:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2023_1043
Vulnerability from csaf_redhat - Published: 2023-03-01 22:02 - Updated: 2024-12-18 00:37Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7
Severity
Important
Notes
Topic: New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in jQuery. HTML containing \<option\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
CWE-20 - Improper Input Validation
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.
4.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
usd AG
Marcus Nilsson
SISOFT s.c.
Grzegorz Tworek
Trifork
Peter Flintholm
https://github.com/souravs17031999
Sourav Kumar
A1 Digital
Jordi Zayuelas i Muñoz
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1043",
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1043.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7",
"tracking": {
"current_release_date": "2024-12-18T00:37:43+00:00",
"generator": {
"date": "2024-12-18T00:37:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1043",
"initial_release_date": "2023-03-01T22:02:40+00:00",
"revision_history": [
{
"date": "2023-03-01T22:02:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T22:02:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T00:37:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el7sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el7sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el7sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"relates_to_product_reference": "7Server-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2023_1045
Vulnerability from csaf_redhat - Published: 2023-03-01 21:45 - Updated: 2024-12-18 00:38Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 9
Severity
Important
Notes
Topic: New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in jQuery. HTML containing \<option\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
CWE-20 - Improper Input Validation
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.
4.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
usd AG
Marcus Nilsson
SISOFT s.c.
Grzegorz Tworek
Trifork
Peter Flintholm
https://github.com/souravs17031999
Sourav Kumar
A1 Digital
Jordi Zayuelas i Muñoz
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1045",
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1045.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 9",
"tracking": {
"current_release_date": "2024-12-18T00:38:05+00:00",
"generator": {
"date": "2024-12-18T00:38:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1045",
"initial_release_date": "2023-03-01T21:45:17+00:00",
"revision_history": [
{
"date": "2023-03-01T21:45:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:45:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T00:38:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el9sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el9sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el9sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"relates_to_product_reference": "9Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"relates_to_product_reference": "9Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"relates_to_product_reference": "9Base-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2024_0776
Vulnerability from csaf_redhat - Published: 2024-02-12 10:26 - Updated: 2024-12-16 16:08Summary
Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
Severity
Important
Notes
Topic: An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* maven: Block repositories using http by default (CVE-2021-26291)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)
* jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)
* jenkins: cross-site WebSocket hijacking (CVE-2024-23898)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
Workaround
To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain administrator access to Jenkins.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the "@" character followed by a file path in an argument with the file’s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
Workaround
Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.
A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0776
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* maven: Block repositories using http by default (CVE-2021-26291)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)\n\n* jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)\n\n* jenkins: cross-site WebSocket hijacking (CVE-2024-23898)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0776",
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2222709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222709"
},
{
"category": "external",
"summary": "2260180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260180"
},
{
"category": "external",
"summary": "2260182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260182"
},
{
"category": "external",
"summary": "JKNS-271",
"url": "https://issues.redhat.com/browse/JKNS-271"
},
{
"category": "external",
"summary": "JKNS-289",
"url": "https://issues.redhat.com/browse/JKNS-289"
},
{
"category": "external",
"summary": "OCPBUGS-10934",
"url": "https://issues.redhat.com/browse/OCPBUGS-10934"
},
{
"category": "external",
"summary": "OCPBUGS-11158",
"url": "https://issues.redhat.com/browse/OCPBUGS-11158"
},
{
"category": "external",
"summary": "OCPBUGS-11329",
"url": "https://issues.redhat.com/browse/OCPBUGS-11329"
},
{
"category": "external",
"summary": "OCPBUGS-11446",
"url": "https://issues.redhat.com/browse/OCPBUGS-11446"
},
{
"category": "external",
"summary": "OCPBUGS-11452",
"url": "https://issues.redhat.com/browse/OCPBUGS-11452"
},
{
"category": "external",
"summary": "OCPBUGS-1357",
"url": "https://issues.redhat.com/browse/OCPBUGS-1357"
},
{
"category": "external",
"summary": "OCPBUGS-13651",
"url": "https://issues.redhat.com/browse/OCPBUGS-13651"
},
{
"category": "external",
"summary": "OCPBUGS-13870",
"url": "https://issues.redhat.com/browse/OCPBUGS-13870"
},
{
"category": "external",
"summary": "OCPBUGS-14112",
"url": "https://issues.redhat.com/browse/OCPBUGS-14112"
},
{
"category": "external",
"summary": "OCPBUGS-14311",
"url": "https://issues.redhat.com/browse/OCPBUGS-14311"
},
{
"category": "external",
"summary": "OCPBUGS-14634",
"url": "https://issues.redhat.com/browse/OCPBUGS-14634"
},
{
"category": "external",
"summary": "OCPBUGS-15647",
"url": "https://issues.redhat.com/browse/OCPBUGS-15647"
},
{
"category": "external",
"summary": "OCPBUGS-15986",
"url": "https://issues.redhat.com/browse/OCPBUGS-15986"
},
{
"category": "external",
"summary": "OCPBUGS-1709",
"url": "https://issues.redhat.com/browse/OCPBUGS-1709"
},
{
"category": "external",
"summary": "OCPBUGS-1942",
"url": "https://issues.redhat.com/browse/OCPBUGS-1942"
},
{
"category": "external",
"summary": "OCPBUGS-2099",
"url": "https://issues.redhat.com/browse/OCPBUGS-2099"
},
{
"category": "external",
"summary": "OCPBUGS-2184",
"url": "https://issues.redhat.com/browse/OCPBUGS-2184"
},
{
"category": "external",
"summary": "OCPBUGS-2318",
"url": "https://issues.redhat.com/browse/OCPBUGS-2318"
},
{
"category": "external",
"summary": "OCPBUGS-27389",
"url": "https://issues.redhat.com/browse/OCPBUGS-27389"
},
{
"category": "external",
"summary": "OCPBUGS-655",
"url": "https://issues.redhat.com/browse/OCPBUGS-655"
},
{
"category": "external",
"summary": "OCPBUGS-6579",
"url": "https://issues.redhat.com/browse/OCPBUGS-6579"
},
{
"category": "external",
"summary": "OCPBUGS-6870",
"url": "https://issues.redhat.com/browse/OCPBUGS-6870"
},
{
"category": "external",
"summary": "OCPBUGS-710",
"url": "https://issues.redhat.com/browse/OCPBUGS-710"
},
{
"category": "external",
"summary": "OCPBUGS-8377",
"url": "https://issues.redhat.com/browse/OCPBUGS-8377"
},
{
"category": "external",
"summary": "OCPBUGS-8442",
"url": "https://issues.redhat.com/browse/OCPBUGS-8442"
},
{
"category": "external",
"summary": "OCPTOOLS-245",
"url": "https://issues.redhat.com/browse/OCPTOOLS-245"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0776.json"
}
],
"title": "Red Hat Security Advisory: jenkins and jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2024-12-16T16:08:40+00:00",
"generator": {
"date": "2024-12-16T16:08:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:0776",
"initial_release_date": "2024-02-12T10:26:48+00:00",
"revision_history": [
{
"date": "2024-02-12T10:26:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T10:26:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:08:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.13",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.13::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706516254-3.el8.src",
"product": {
"name": "jenkins-0:2.426.3.1706516254-3.el8.src",
"product_id": "jenkins-0:2.426.3.1706516254-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706516254-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.13.1706516346-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706516254-3.el8.noarch",
"product": {
"name": "jenkins-0:2.426.3.1706516254-3.el8.noarch",
"product_id": "jenkins-0:2.426.3.1706516254-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706516254-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.13.1706516346-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706516254-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch"
},
"product_reference": "jenkins-0:2.426.3.1706516254-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706516254-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
},
"product_reference": "jenkins-0:2.426.3.1706516254-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.13",
"product_id": "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.13.1706516346-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26291",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in maven. Repositories that are defined in a dependency\u2019s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven: Block repositories using http by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26291"
},
{
"category": "external",
"summary": "RHBZ#1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26291",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291"
},
{
"category": "external",
"summary": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291",
"url": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291"
}
],
"release_date": "2021-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
},
{
"category": "workaround",
"details": "To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "maven: Block repositories using http by default"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-37946",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to bypass security restrictions caused by not invalidating the existing session on login. By persuading a victim to visit a specially crafted Web site, an attacker can gain administrator access to Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Session fixation vulnerability in OpenShift Login Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37946"
},
{
"category": "external",
"summary": "RHBZ#2222709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37946"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998",
"url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2998"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Jenkins: Session fixation vulnerability in OpenShift Login Plugin"
},
{
"cve": "CVE-2024-23897",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2024-01-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2260180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the \"@\" character followed by a file path in an argument with the file\u2019s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23897"
},
{
"category": "external",
"summary": "RHBZ#2260180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23897"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314",
"url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
},
{
"category": "workaround",
"details": "Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-08-19T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE"
},
{
"cve": "CVE-2024-23898",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-01-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2260182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: cross-site WebSocket hijacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23898"
},
{
"category": "external",
"summary": "RHBZ#2260182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23898"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315",
"url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:26:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-0:2.426.3.1706516254-3.el8.src",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.noarch",
"8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1706516346-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: cross-site WebSocket hijacking"
}
]
}
RHSA-2022:6825
Vulnerability from csaf_redhat - Published: 2022-10-05 16:46 - Updated: 2026-04-01 18:37Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Large AJP request may cause DoS (CVE-2022-2053)
* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6825
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6825
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6825
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Large AJP request may cause DoS (CVE-2022-2053)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6825",
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "JBEAP-23687",
"url": "https://issues.redhat.com/browse/JBEAP-23687"
},
{
"category": "external",
"summary": "JBEAP-23738",
"url": "https://issues.redhat.com/browse/JBEAP-23738"
},
{
"category": "external",
"summary": "JBEAP-23741",
"url": "https://issues.redhat.com/browse/JBEAP-23741"
},
{
"category": "external",
"summary": "JBEAP-23753",
"url": "https://issues.redhat.com/browse/JBEAP-23753"
},
{
"category": "external",
"summary": "JBEAP-23772",
"url": "https://issues.redhat.com/browse/JBEAP-23772"
},
{
"category": "external",
"summary": "JBEAP-23794",
"url": "https://issues.redhat.com/browse/JBEAP-23794"
},
{
"category": "external",
"summary": "JBEAP-23802",
"url": "https://issues.redhat.com/browse/JBEAP-23802"
},
{
"category": "external",
"summary": "JBEAP-23803",
"url": "https://issues.redhat.com/browse/JBEAP-23803"
},
{
"category": "external",
"summary": "JBEAP-23805",
"url": "https://issues.redhat.com/browse/JBEAP-23805"
},
{
"category": "external",
"summary": "JBEAP-23816",
"url": "https://issues.redhat.com/browse/JBEAP-23816"
},
{
"category": "external",
"summary": "JBEAP-23818",
"url": "https://issues.redhat.com/browse/JBEAP-23818"
},
{
"category": "external",
"summary": "JBEAP-23869",
"url": "https://issues.redhat.com/browse/JBEAP-23869"
},
{
"category": "external",
"summary": "JBEAP-23881",
"url": "https://issues.redhat.com/browse/JBEAP-23881"
},
{
"category": "external",
"summary": "JBEAP-23912",
"url": "https://issues.redhat.com/browse/JBEAP-23912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6825.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update",
"tracking": {
"current_release_date": "2026-04-01T18:37:55+00:00",
"generator": {
"date": "2026-04-01T18:37:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:6825",
"initial_release_date": "2022-10-05T16:46:28+00:00",
"revision_history": [
{
"date": "2022-10-05T16:46:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-23T22:29:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:37:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform ",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform ",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"category": "product_version",
"name": "None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"product": {
"name": "None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"product_id": "None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"product_identification_helper": {
"purl": "pkg:generic/jboss-eap-7.4.7-runtime-maven-repository.zip"
}
}
},
{
"category": "product_version",
"name": "commons-collections.commons-collections-3.2.2.redhat-2.pom",
"product": {
"name": "commons-collections.commons-collections-3.2.2.redhat-2.pom",
"product_id": "commons-collections.commons-collections-3.2.2.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-collections/commons-collections@3.2.2.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-collections.commons-collections-3.2.2.redhat-2.jar",
"product": {
"name": "commons-collections.commons-collections-3.2.2.redhat-2.jar",
"product_id": "commons-collections.commons-collections-3.2.2.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/commons-collections/commons-collections@3.2.2.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"product": {
"name": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"product_id": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logging/jul-to-slf4j-stub@1.0.1.Final-redhat-3?type=jar"
}
}
},
{
"category": "product_version",
"name": "antlr.antlr-2.7.7.redhat-7.jar",
"product": {
"name": "antlr.antlr-2.7.7.redhat-7.jar",
"product_id": "antlr.antlr-2.7.7.redhat-7.jar",
"product_identification_helper": {
"purl": "pkg:maven/antlr/antlr@2.7.7.redhat-7?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"product": {
"name": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"product_id": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.projects/jaxws-undertow-httpspi@1.0.1.Final-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"product": {
"name": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"product_id": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"product_identification_helper": {
"purl": "pkg:maven/javax.jws/jsr181-api@1.0.0.MR1-redhat-8?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"product": {
"name": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"product_id": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.fastinfoset/FastInfoset@1.2.13.redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"product": {
"name": "net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"product_id": "net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"product_identification_helper": {
"purl": "pkg:maven/net.jcip/jcip-annotations@1.0.0.redhat-8?type=jar"
}
}
},
{
"category": "product_version",
"name": "wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"product": {
"name": "wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"product_id": "wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/wsdl4j/wsdl4j@1.6.3.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"product": {
"name": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"product_id": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/ch.qos.cal10n/cal10n-api@0.8.1.redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"product": {
"name": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"product_id": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.projects/jaxws-undertow-httpspi@1.0.1.Final-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"product": {
"name": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"product_id": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.fastinfoset/FastInfoset@1.2.13.redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"product": {
"name": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"product_id": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow.js/undertow-js@1.0.2.Final-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"product": {
"name": "wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"product_id": "wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/wsdl4j/wsdl4j@1.6.3.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"product": {
"name": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"product_id": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow.js/undertow-js@1.0.2.Final-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"product": {
"name": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"product_id": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/ch.qos.cal10n/cal10n-api@0.8.1.redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"product": {
"name": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"product_id": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"product_identification_helper": {
"purl": "pkg:maven/javax.jws/jsr181-api@1.0.0.MR1-redhat-8?type=pom"
}
}
},
{
"category": "product_version",
"name": "gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"product": {
"name": "gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"product_id": "gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"product_identification_helper": {
"purl": "pkg:maven/gnu.getopt/java-getopt@1.0.13.redhat-5?type=pom"
}
}
},
{
"category": "product_version",
"name": "antlr.antlr-2.7.7.redhat-7.pom",
"product": {
"name": "antlr.antlr-2.7.7.redhat-7.pom",
"product_id": "antlr.antlr-2.7.7.redhat-7.pom",
"product_identification_helper": {
"purl": "pkg:maven/antlr/antlr@2.7.7.redhat-7?type=pom"
}
}
},
{
"category": "product_version",
"name": "gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"product": {
"name": "gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"product_id": "gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"product_identification_helper": {
"purl": "pkg:maven/gnu.getopt/java-getopt@1.0.13.redhat-5?type=jar"
}
}
},
{
"category": "product_version",
"name": "net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"product": {
"name": "net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"product_id": "net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"product_identification_helper": {
"purl": "pkg:maven/net.jcip/jcip-annotations@1.0.0.redhat-8?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-cli.commons-cli-1.2.0.redhat-10.pom",
"product": {
"name": "commons-cli.commons-cli-1.2.0.redhat-10.pom",
"product_id": "commons-cli.commons-cli-1.2.0.redhat-10.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-cli/commons-cli@1.2.0.redhat-10?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"product": {
"name": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"product_id": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.seam.integration/jboss-seam-int-jbossas@7.0.0.GA-redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"product": {
"name": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"product_id": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox-commons@1.0.0.final-redhat-5?type=jar"
}
}
},
{
"category": "product_version",
"name": "joda-time.joda-time-2.9.7.redhat-1.pom",
"product": {
"name": "joda-time.joda-time-2.9.7.redhat-1.pom",
"product_id": "joda-time.joda-time-2.9.7.redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/joda-time/joda-time@2.9.7.redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"product": {
"name": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"product_id": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.seam.integration/jboss-seam-int-jbossas@7.0.0.GA-redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"product": {
"name": "org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"product_id": "org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/staxmapper@1.3.0.Final-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"product": {
"name": "org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"product_id": "org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/staxmapper@1.3.0.Final-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "joda-time.joda-time-2.9.7.redhat-1.jar",
"product": {
"name": "joda-time.joda-time-2.9.7.redhat-1.jar",
"product_id": "joda-time.joda-time-2.9.7.redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/joda-time/joda-time@2.9.7.redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"product": {
"name": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"product_id": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox-commons@1.0.0.final-redhat-5?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"product": {
"name": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"product_id": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logging/jul-to-slf4j-stub@1.0.1.Final-redhat-3?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"product": {
"name": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"product_id": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.taglibs/taglibs-standard-compat@1.2.6.RC1-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"product": {
"name": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"product_id": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.taglibs/taglibs-standard-compat@1.2.6.RC1-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"product": {
"name": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"product_id": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-transaction-spi@7.6.0.Final-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"product": {
"name": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"product_id": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.taglibs/taglibs-standard-spec@1.2.6.RC1-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"product": {
"name": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"product_id": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.taglibs/taglibs-standard-spec@1.2.6.RC1-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"product": {
"name": "org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"product_id": "org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jbossxacml@2.0.8.Final-redhat-8?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"product": {
"name": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"product_id": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.taglibs/taglibs-standard-impl@1.2.6.RC1-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"product": {
"name": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"product_id": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-transaction-spi@7.6.0.Final-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"product": {
"name": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"product_id": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.taglibs/taglibs-standard-impl@1.2.6.RC1-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "net.java.dev.msv.msv-core-2013.6.1.pom",
"product": {
"name": "net.java.dev.msv.msv-core-2013.6.1.pom",
"product_id": "net.java.dev.msv.msv-core-2013.6.1.pom",
"product_identification_helper": {
"purl": "pkg:maven/net.java.dev.msv/msv-core@2013.6.1?type=pom"
}
}
},
{
"category": "product_version",
"name": "net.java.dev.msv.xsdlib-2013.6.1.pom",
"product": {
"name": "net.java.dev.msv.xsdlib-2013.6.1.pom",
"product_id": "net.java.dev.msv.xsdlib-2013.6.1.pom",
"product_identification_helper": {
"purl": "pkg:maven/net.java.dev.msv/xsdlib@2013.6.1?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"product": {
"name": "com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"product_id": "com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"product": {
"name": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"product_id": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.projectodd.vdx/vdx-core@1.1.6.redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"product": {
"name": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"product_id": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.projectodd.vdx/vdx-wildfly@1.1.6.redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"product": {
"name": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"product_id": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-iiop-client@1.0.1.Final-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"product": {
"name": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"product_id": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-iiop-client@1.0.1.Final-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"product": {
"name": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"product_id": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.projectodd.vdx/vdx-wildfly@1.1.6.redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"product": {
"name": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"product_id": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.projectodd.vdx/vdx-core@1.1.6.redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"product": {
"name": "org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"product_id": "org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.slf4j/slf4j-api@1.7.22.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"product": {
"name": "org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"product_id": "org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.slf4j/slf4j-api@1.7.22.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"product": {
"name": "org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"product_id": "org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.slf4j/slf4j-ext@1.7.22.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"product": {
"name": "org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"product_id": "org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.slf4j/slf4j-ext@1.7.22.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "jaxen.jaxen-1.1.6.redhat-2.pom",
"product": {
"name": "jaxen.jaxen-1.1.6.redhat-2.pom",
"product_id": "jaxen.jaxen-1.1.6.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/jaxen/jaxen@1.1.6.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "jaxen.jaxen-1.1.6.redhat-2.jar",
"product": {
"name": "jaxen.jaxen-1.1.6.redhat-2.jar",
"product_id": "jaxen.jaxen-1.1.6.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/jaxen/jaxen@1.1.6.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"product": {
"name": "xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"product_id": "xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"product_identification_helper": {
"purl": "pkg:maven/xml-resolver/xml-resolver@1.2.0.redhat-12?type=pom"
}
}
},
{
"category": "product_version",
"name": "xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"product": {
"name": "xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"product_id": "xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"product_identification_helper": {
"purl": "pkg:maven/xml-resolver/xml-resolver@1.2.0.redhat-12?type=jar"
}
}
},
{
"category": "product_version",
"name": "commons-lang.commons-lang-2.6.0.redhat-7.jar",
"product": {
"name": "commons-lang.commons-lang-2.6.0.redhat-7.jar",
"product_id": "commons-lang.commons-lang-2.6.0.redhat-7.jar",
"product_identification_helper": {
"purl": "pkg:maven/commons-lang/commons-lang@2.6.0.redhat-7?type=jar"
}
}
},
{
"category": "product_version",
"name": "commons-lang.commons-lang-2.6.0.redhat-7.pom",
"product": {
"name": "commons-lang.commons-lang-2.6.0.redhat-7.pom",
"product_id": "commons-lang.commons-lang-2.6.0.redhat-7.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-lang/commons-lang@2.6.0.redhat-7?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"product": {
"name": "org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"product_id": "org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.james/apache-mime4j@0.6.0.redhat-7?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"product": {
"name": "org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"product_id": "org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.james/apache-mime4j@0.6.0.redhat-7?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"product_id": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.client/wildfly-client-config@1.0.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"product": {
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"product_id": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.soap/jboss-saaj-api_1.3_spec@1.0.6.Final-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"product": {
"name": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"product_id": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-queryparser@5.5.5.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"product": {
"name": "org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"product_id": "org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-core@5.5.5.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.avro.avro-1.7.6.redhat-2.jar",
"product": {
"name": "org.apache.avro.avro-1.7.6.redhat-2.jar",
"product_id": "org.apache.avro.avro-1.7.6.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.avro/avro@1.7.6.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"product": {
"name": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"product_id": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-analyzers-common@5.5.5.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"product": {
"name": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"product_id": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-misc@5.5.5.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"product": {
"name": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"product_id": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logging/commons-logging-jboss-logging@1.0.0.Final-redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.avro.avro-1.7.6.redhat-2.pom",
"product": {
"name": "org.apache.avro.avro-1.7.6.redhat-2.pom",
"product_id": "org.apache.avro.avro-1.7.6.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.avro/avro@1.7.6.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"product": {
"name": "org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"product_id": "org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-core@5.5.5.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"product": {
"name": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"product_id": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-backward-codecs@5.5.5.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"product": {
"name": "org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"product_id": "org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.neethi/neethi@3.1.1.redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"product": {
"name": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"product_id": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-backward-codecs@5.5.5.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"product": {
"name": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"product_id": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-queries@5.5.5.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"product": {
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"product_id": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.soap/jboss-saaj-api_1.3_spec@1.0.6.Final-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"product": {
"name": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"product_id": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-queries@5.5.5.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"product": {
"name": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"product_id": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-analyzers-common@5.5.5.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"product": {
"name": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"product_id": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-queryparser@5.5.5.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"product": {
"name": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"product_id": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-misc@5.5.5.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"product": {
"name": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"product_id": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-facet@5.5.5.redhat-2?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"product": {
"name": "org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"product_id": "org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.neethi/neethi@3.1.1.redhat-1?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"product": {
"name": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"product_id": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.lucene/lucene-facet@5.5.5.redhat-2?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"product_id": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.client/wildfly-client-config@1.0.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws/jbossws-api@1.1.2.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"product": {
"name": "io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"product_id": "io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.agroal/agroal-narayana@1.3.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"product": {
"name": "io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"product_id": "io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.agroal/agroal-narayana@1.3.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws/jbossws-api@1.1.2.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"product": {
"name": "io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"product_id": "io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.agroal/agroal-pool@1.3.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"product": {
"name": "io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"product_id": "io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.agroal/agroal-api@1.3.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"product": {
"name": "io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"product_id": "io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.agroal/agroal-pool@1.3.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws/jbossws-common-tools@1.3.2.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws/jbossws-common-tools@1.3.2.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"product": {
"name": "io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"product_id": "io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.agroal/agroal-api@1.3.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"product": {
"name": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"product_id": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logging/commons-logging-jboss-logging@1.0.0.Final-redhat-1?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"product": {
"name": "commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"product_id": "commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-codec/commons-codec@1.11.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"product_id": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-ejb-client-legacy@3.0.3.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"product_id": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-ejb-client-legacy@3.0.3.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"product": {
"name": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"product_id": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpasyncclient@4.1.4.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"product": {
"name": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"product_id": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpasyncclient@4.1.4.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"product_id": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ejb3/jboss-ejb3-ext-api@2.3.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"product_id": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ejb3/jboss-ejb3-ext-api@2.3.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-ear@13.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-common@13.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-ejb@13.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-appclient@13.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-ejb@13.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-ear@13.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-common@13.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-web@13.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-appclient@13.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.metadata/jboss-metadata-web@13.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"product": {
"name": "org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"product_id": "org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate.common/hibernate-commons-annotations@5.0.5.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"product": {
"name": "com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"product_id": "com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.google.code.gson/gson@2.8.5.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"product_id": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.stdio/jboss-stdio@1.1.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"product_id": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.stdio/jboss-stdio@1.1.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"product_id": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jboss-negotiation-spnego@3.0.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"product_id": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jboss-negotiation-common@3.0.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"product_id": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jboss-negotiation-extras@3.0.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"product_id": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jboss-negotiation-common@3.0.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"product_id": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jboss-negotiation-ntlm@3.0.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"product_id": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jboss-negotiation-extras@3.0.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"product_id": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jboss-negotiation-spnego@3.0.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"product_id": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.security/jboss-negotiation-ntlm@3.0.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"product": {
"name": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"product_id": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/jboss.jaxbintros/jboss-jaxb-intros@1.0.3.GA-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"product": {
"name": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"product_id": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/jboss.jaxbintros/jboss-jaxb-intros@1.0.3.GA-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"product": {
"name": "org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"product_id": "org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.fusesource.hawtjni/hawtjni-runtime@1.17.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"product": {
"name": "org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"product_id": "org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.fusesource.jansi/jansi@1.18.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"product": {
"name": "org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"product_id": "org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.fusesource.jansi/jansi-linux32@1.8.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"product": {
"name": "org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"product_id": "org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.fusesource.jansi/jansi-linux64@1.8.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"product": {
"name": "org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"product_id": "org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.fusesource.jansi/jansi-native@1.8.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"product_id": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.common/jboss-common-beans@2.0.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"product_id": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.common/jboss-common-beans@2.0.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"product": {
"name": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"product_id": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.openjdk-orb/openjdk-orb@8.1.4.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"product": {
"name": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"product_id": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.openjdk-orb/openjdk-orb@8.1.4.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"product_id": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logging/jboss-logging@3.4.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"product_id": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logging/jboss-logging@3.4.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"product": {
"name": "org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"product_id": "org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.aesh/aesh-extensions@1.8.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"product": {
"name": "org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"product_id": "org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.aesh/aesh-extensions@1.8.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"product": {
"name": "commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"product_id": "commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/commons-cli/commons-cli@1.4.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"product": {
"name": "commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"product_id": "commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-cli/commons-cli@1.4.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.aesh.aesh-2.4.0.redhat-00001.jar",
"product": {
"name": "org.aesh.aesh-2.4.0.redhat-00001.jar",
"product_id": "org.aesh.aesh-2.4.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.aesh/aesh@2.4.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.aesh.aesh-2.4.0.redhat-00001.pom",
"product": {
"name": "org.aesh.aesh-2.4.0.redhat-00001.pom",
"product_id": "org.aesh.aesh-2.4.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.aesh/aesh@2.4.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.security.auth.message/jboss-jaspi-api_1.1_spec@2.0.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.security.auth.message/jboss-jaspi-api_1.1_spec@2.0.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.security.jacc/jboss-jacc-api_1.5_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.security.jacc/jboss-jacc-api_1.5_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"product": {
"name": "org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"product_id": "org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish/jakarta.json@1.1.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"product": {
"name": "org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"product_id": "org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish/jakarta.json@1.1.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"product": {
"name": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"product_id": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.json/jakarta.json-api@1.1.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"product": {
"name": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"product_id": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.json/jakarta.json-api@1.1.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"product": {
"name": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"product_id": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-search-orm@5.10.7.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"product": {
"name": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"product_id": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-search-engine@5.10.7.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"product": {
"name": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"product_id": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-search-serialization-avro@5.10.7.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"product": {
"name": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"product_id": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-search-backend-jms@5.10.7.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"product": {
"name": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"product_id": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-search-serialization-avro@5.10.7.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"product": {
"name": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"product_id": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-search-engine@5.10.7.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"product": {
"name": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"product_id": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-search-orm@5.10.7.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"product": {
"name": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"product_id": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-search-backend-jms@5.10.7.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"product": {
"name": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"product_id": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.security.enterprise/jakarta.security.enterprise-api@1.0.2.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"product": {
"name": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"product_id": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.security.enterprise/jakarta.security.enterprise-api@1.0.2.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"product": {
"name": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"product_id": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/net.shibboleth.utilities/java-support@7.3.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"product": {
"name": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"product_id": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/net.shibboleth.utilities/java-support@7.3.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.ws/jboss-jaxws-api_2.3_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.ws/jboss-jaxws-api_2.3_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.websocket/jboss-websocket-api_1.1_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.websocket/jboss-websocket-api_1.1_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"product": {
"name": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"product_id": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.persistence/jakarta.persistence-api@2.2.3.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"product": {
"name": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"product_id": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.persistence/jakarta.persistence-api@2.2.3.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"product": {
"name": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"product_id": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.validation/jakarta.validation-api@2.0.2.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"product": {
"name": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"product_id": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.validation/jakarta.validation-api@2.0.2.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.ejb/jboss-ejb-api_3.2_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.ejb/jboss-ejb-api_3.2_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.batch/jboss-batch-api_1.0_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.batch/jboss-batch-api_1.0_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.el/jboss-el-api_3.0_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.el/jboss-el-api_3.0_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.enterprise.concurrent/jboss-concurrency-api_1.0_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.enterprise.concurrent/jboss-concurrency-api_1.0_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.rpc/jboss-jaxrpc-api_1.1_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.rpc/jboss-jaxrpc-api_1.1_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.servlet.jsp/jboss-jsp-api_2.3_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.servlet.jsp/jboss-jsp-api_2.3_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.resource/jboss-connector-api_1.7_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.resource/jboss-connector-api_1.7_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.management.j2ee/jboss-j2eemgmt-api_1.1_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.management.j2ee/jboss-j2eemgmt-api_1.1_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.jms/jboss-jms-api_2.0_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.jms/jboss-jms-api_2.0_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.annotation/jboss-annotations-api_1.3_spec@2.0.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.annotation/jboss-annotations-api_1.3_spec@2.0.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.servlet/jboss-servlet-api_4.0_spec@2.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.servlet/jboss-servlet-api_4.0_spec@2.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"product": {
"name": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"product_id": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.messaging.saaj/saaj-impl@1.4.1.SP1-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"product": {
"name": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"product_id": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.messaging.saaj/saaj-impl@1.4.1.SP1-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"product": {
"name": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"product_id": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.interceptor/jboss-interceptors-api_1.2_spec@2.0.0.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"product": {
"name": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"product_id": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.interceptor/jboss-interceptors-api_1.2_spec@2.0.0.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"product": {
"name": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"product_id": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.json.bind/jakarta.json.bind-api@1.0.2.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"product": {
"name": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"product_id": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.json.bind/jakarta.json.bind-api@1.0.2.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"product": {
"name": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"product_id": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.enterprise/jakarta.enterprise.cdi-api@2.0.2.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"product": {
"name": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"product_id": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.enterprise/jakarta.enterprise.cdi-api@2.0.2.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.ws.rs/jboss-jaxrs-api_2.1_spec@2.0.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.ws.rs/jboss-jaxrs-api_2.1_spec@2.0.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"product": {
"name": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"product_id": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-beanutils/commons-beanutils@1.9.4.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"product": {
"name": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"product_id": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/commons-beanutils/commons-beanutils@1.9.4.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"product": {
"name": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"product_id": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.codehaus.jettison/jettison@1.4.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"product": {
"name": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"product_id": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.codehaus.jettison/jettison@1.4.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"product": {
"name": "com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"product_id": "com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.github.fge/json-patch@1.9.0.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"product": {
"name": "com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"product_id": "com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.woodstox/woodstox-core@6.0.3.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"product": {
"name": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"product_id": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.istack/istack-commons-runtime@3.0.10.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"product": {
"name": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"product_id": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.istack/istack-commons-runtime@3.0.10.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"product": {
"name": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"product_id": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.istack/istack-commons-tools@3.0.10.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"product": {
"name": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"product_id": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.istack/istack-commons-tools@3.0.10.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"product": {
"name": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"product_id": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.3.b02-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"product": {
"name": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"product_id": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/xsom@2.3.3.b02-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"product": {
"name": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"product_id": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/jaxb-jxc@2.3.3.b02-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"product": {
"name": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"product_id": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/jaxb-jxc@2.3.3.b02-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"product": {
"name": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"product_id": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.bind.external/relaxng-datatype@2.3.3.b02-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"product": {
"name": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"product_id": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.bind.external/rngom@2.3.3.b02-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"product": {
"name": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"product_id": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.bind.external/rngom@2.3.3.b02-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"product": {
"name": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"product_id": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/txw2@2.3.3.b02-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"product": {
"name": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"product_id": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.xml.bind.external/relaxng-datatype@2.3.3.b02-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"product": {
"name": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"product_id": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.3.b02-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"product": {
"name": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"product_id": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/codemodel@2.3.3.b02-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"product": {
"name": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"product_id": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/txw2@2.3.3.b02-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"product": {
"name": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"product_id": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/xsom@2.3.3.b02-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"product": {
"name": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"product_id": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/codemodel@2.3.3.b02-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"product": {
"name": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"product_id": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/jaxb-xjc@2.3.3.b02-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"product": {
"name": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"product_id": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.3.3.b02-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"product": {
"name": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"product_id": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish/jakarta.enterprise.concurrent@1.1.1.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"product": {
"name": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"product_id": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish/jakarta.enterprise.concurrent@1.1.1.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"product": {
"name": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"product_id": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"product": {
"name": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"product_id": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.github.spullara.mustache.java/compiler@0.9.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"product_id": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.xnio.netty/netty-xnio-transport@0.1.9.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"product_id": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.xnio.netty/netty-xnio-transport@0.1.9.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"product": {
"name": "org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"product_id": "org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"product": {
"name": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"product_id": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.3_spec@2.0.0.Final-redhat-00005?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"product": {
"name": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"product_id": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.transaction/jboss-transaction-api_1.3_spec@2.0.0.Final-redhat-00005?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"product": {
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"product_id": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.soap/jboss-saaj-api_1.4_spec@1.0.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"product": {
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"product_id": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.soap/jboss-saaj-api_1.4_spec@1.0.2.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"product": {
"name": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"product_id": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.soteria/jakarta.security.enterprise@1.0.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"product": {
"name": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"product_id": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish.soteria/jakarta.security.enterprise@1.0.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"product": {
"name": "org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"product_id": "org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.codehaus.jackson/jackson-xc@1.9.13.redhat-00007?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"product": {
"name": "org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"product_id": "org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.codehaus.jackson/jackson-jaxrs@1.9.13.redhat-00007?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"product": {
"name": "org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"product_id": "org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.codehaus.jackson/jackson-core-asl@1.9.13.redhat-00007?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"product": {
"name": "org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"product_id": "org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.13.redhat-00007?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"product_id": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.remotingjmx/remoting-jmx@3.0.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"product_id": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.remotingjmx/remoting-jmx@3.0.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"product": {
"name": "org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"product_id": "org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.cryptacular/cryptacular@1.2.4.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"product": {
"name": "org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"product_id": "org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.cryptacular/cryptacular@1.2.4.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-profile-api@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xacml-api@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xmlsec-api@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xacml-saml-impl@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-saml-impl@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xacml-api@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xacml-impl@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xmlsec-impl@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-core@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-saml-impl@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-security-impl@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-security-api@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-saml-api@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-soap-api@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-saml-api@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xmlsec-api@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-profile-api@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-security-impl@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-core@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xacml-impl@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xacml-saml-api@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-security-api@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-soap-api@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xmlsec-impl@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"product": {
"name": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"product_id": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xacml-saml-api@3.3.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"product": {
"name": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"product_id": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.opensaml/opensaml-xacml-saml-impl@3.3.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"product_id": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.common/wildfly-common@1.5.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"product_id": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.common/wildfly-common@1.5.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"product": {
"name": "org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"product_id": "org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.dom4j/dom4j@2.1.3.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"product": {
"name": "org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"product_id": "org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.dom4j/dom4j@2.1.3.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"product_id": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-dmr@1.5.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"product_id": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-dmr@1.5.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"product_id": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.discovery/wildfly-discovery-client@1.2.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"product_id": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.discovery/wildfly-discovery-client@1.2.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"product": {
"name": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"product_id": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.mail/jakarta.mail@1.6.5.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"product": {
"name": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"product_id": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.mail/jakarta.mail@1.6.5.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"product": {
"name": "com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"product_id": "com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml/classmate@1.5.1.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"product": {
"name": "com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"product_id": "com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml/classmate@1.5.1.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"product": {
"name": "com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"product_id": "com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.github.fge/jackson-coreutils@1.8.0.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"product": {
"name": "com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"product_id": "com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.github.fge/msg-simple@1.1.0.redhat-00007?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.github.fge.btf-1.2.0.redhat-00007.jar",
"product": {
"name": "com.github.fge.btf-1.2.0.redhat-00007.jar",
"product_id": "com.github.fge.btf-1.2.0.redhat-00007.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.github.fge/btf@1.2.0.redhat-00007?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"product": {
"name": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"product_id": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/activemq-artemis-native@1.0.2.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"product": {
"name": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"product_id": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/activemq-artemis-native@1.0.2.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.squareup.protoparser-4.0.3.redhat-00001.pom",
"product": {
"name": "com.squareup.protoparser-4.0.3.redhat-00001.pom",
"product_id": "com.squareup.protoparser-4.0.3.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.squareup/protoparser@4.0.3.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"product": {
"name": "org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"product_id": "org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.reactivestreams/reactive-streams@1.0.3.redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"product": {
"name": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"product_id": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.googlecode.javaewah/JavaEWAH@1.1.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"product": {
"name": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"product_id": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.googlecode.javaewah/JavaEWAH@1.1.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"product": {
"name": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"product_id": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.codehaus.woodstox/stax2-api@4.2.1.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"product": {
"name": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"product_id": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.codehaus.woodstox/stax2-api@4.2.1.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"product": {
"name": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"product_id": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.ws.xmlschema/xmlschema-core@2.2.5.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"product": {
"name": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"product_id": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.ws.xmlschema/xmlschema-core@2.2.5.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"product_id": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.threads/jboss-threads@2.4.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"product_id": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.threads/jboss-threads@2.4.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"product": {
"name": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"product_id": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld/weld-spi@3.1.0.SP3-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"product": {
"name": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"product_id": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld/weld-api@3.1.0.SP3-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"product": {
"name": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"product_id": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld/weld-api@3.1.0.SP3-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"product": {
"name": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"product_id": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld/weld-spi@3.1.0.SP3-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"product": {
"name": "com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"product_id": "com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.google.protobuf/protobuf-java@3.12.2.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"product_id": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.msc/jboss-msc@1.4.12.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"product_id": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.msc/jboss-msc@1.4.12.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"product": {
"name": "org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"product_id": "org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jasypt/jasypt@1.9.3.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"product": {
"name": "org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"product_id": "org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jasypt/jasypt@1.9.3.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws/jbossws-common@3.3.3.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws/jbossws-common@3.3.3.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"product": {
"name": "org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"product_id": "org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.javassist/javassist@3.26.0.GA-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"product": {
"name": "org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"product_id": "org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jctools/jctools-core@3.1.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"product": {
"name": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"product_id": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"product": {
"name": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"product_id": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"product": {
"name": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"product_id": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpmime@4.5.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"product": {
"name": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"product_id": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpmime@4.5.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.11.3.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.3.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.11.3.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"product": {
"name": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"product_id": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.inject/jakarta.inject-api@1.0.3.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"product": {
"name": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"product_id": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/jakarta.inject/jakarta.inject-api@1.0.3.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"product_id": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.slf4j/slf4j-jboss-logmanager@1.1.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"product_id": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.slf4j/slf4j-jboss-logmanager@1.1.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"product": {
"name": "commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"product_id": "commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/commons-codec/commons-codec@1.15.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"product": {
"name": "commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"product_id": "commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-codec/commons-codec@1.15.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws/jbossws-spi@3.3.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws/jbossws-spi@3.3.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.bind/jboss-jaxb-api_2.3_spec@2.0.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.xml.bind/jboss-jaxb-api_2.3_spec@2.0.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"product_id": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logmanager/log4j2-jboss-logmanager@1.0.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"product_id": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logmanager/log4j2-jboss-logmanager@1.0.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"product": {
"name": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"product_id": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.activation/jakarta.activation@1.2.2.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"product": {
"name": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"product_id": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.activation/jakarta.activation@1.2.2.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"product": {
"name": "org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"product_id": "org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jctools/jctools-core@2.1.2.redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"product": {
"name": "org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"product_id": "org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jctools/jctools-core@2.1.2.redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"product": {
"name": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"product_id": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.commons/commons-lang3@3.11.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"product": {
"name": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"product_id": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.commons/commons-lang3@3.11.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"product": {
"name": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"product_id": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpcore-nio@4.4.14.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"product": {
"name": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"product_id": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpcore-nio@4.4.14.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"product": {
"name": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"product_id": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.14.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"product": {
"name": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"product_id": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.14.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"product": {
"name": "com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"product_id": "com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.github.ben-manes.caffeine/caffeine@2.8.8.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "commons-io.commons-io-2.8.0.redhat-00001.pom",
"product": {
"name": "commons-io.commons-io-2.8.0.redhat-00001.pom",
"product_id": "commons-io.commons-io-2.8.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-io/commons-io@2.8.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly/wildfly-naming-client@1.0.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly/wildfly-naming-client@1.0.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"product": {
"name": "io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"product_id": "io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.reactivex.rxjava2/rxjava@2.2.20.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.google.guava.guava-30.1.0.redhat-00001.jar",
"product": {
"name": "com.google.guava.guava-30.1.0.redhat-00001.jar",
"product_id": "com.google.guava.guava-30.1.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.google.guava/guava@30.1.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.google.guava.guava-30.1.0.redhat-00001.pom",
"product": {
"name": "com.google.guava.guava-30.1.0.redhat-00001.pom",
"product_id": "com.google.guava.guava-30.1.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.google.guava/guava@30.1.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"product": {
"name": "com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"product_id": "com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.google.guava/failureaccess@1.0.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"product": {
"name": "com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"product_id": "com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.google.guava/failureaccess@1.0.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"product_id": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logmanager/jboss-logmanager@2.1.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"product_id": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logmanager/jboss-logmanager@2.1.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"product_id": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjc-utils/cxf-xjc-runtime@3.3.1.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"product_id": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjc-utils/cxf-xjc-runtime@3.3.1.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"product_id": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjcplugins/cxf-xjc-boolean@3.3.1.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"product_id": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjcplugins/cxf-xjc-boolean@3.3.1.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"product_id": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjcplugins/cxf-xjc-bug986@3.3.1.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"product_id": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjcplugins/cxf-xjc-bug986@3.3.1.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"product_id": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjcplugins/cxf-xjc-dv@3.3.1.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"product_id": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjcplugins/cxf-xjc-dv@3.3.1.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"product_id": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjcplugins/cxf-xjc-ts@3.3.1.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"product_id": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.xjcplugins/cxf-xjc-ts@3.3.1.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.aesh.readline-2.2.0.redhat-00001.jar",
"product": {
"name": "org.aesh.readline-2.2.0.redhat-00001.jar",
"product_id": "org.aesh.readline-2.2.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.aesh/readline@2.2.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.aesh.readline-2.2.0.redhat-00001.pom",
"product": {
"name": "org.aesh.readline-2.2.0.redhat-00001.pom",
"product_id": "org.aesh.readline-2.2.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.aesh/readline@2.2.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"product": {
"name": "org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"product_id": "org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.aesh/terminal-api@2.2.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"product_id": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.genericjms/generic-jms-ra-jar@2.0.9.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"product_id": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.genericjms/generic-jms-ra-jar@2.0.9.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"product": {
"name": "io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"product_id": "io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.reactivex.rxjava3/rxjava@3.0.9.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"product": {
"name": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"product_id": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jvnet.staxex/stax-ex@1.8.3.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"product": {
"name": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"product_id": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jvnet.staxex/stax-ex@1.8.3.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"product_id": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan.protostream/protostream@4.3.5.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"product_id": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan.protostream/protostream@4.3.5.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"product_id": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.module/weld-ejb@3.1.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"product_id": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.module/weld-ejb@3.1.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"product_id": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.module/weld-jsf@3.1.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"product_id": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.module/weld-jsf@3.1.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"product_id": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.module/weld-jta@3.1.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"product_id": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.module/weld-jta@3.1.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"product_id": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.module/weld-web@3.1.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"product_id": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.module/weld-web@3.1.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"product_id": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.probe/weld-probe-core@3.1.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"product_id": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld.probe/weld-probe-core@3.1.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"product_id": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld/weld-core-impl@3.1.6.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"product_id": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.weld/weld-core-impl@3.1.6.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "xalan.serializer-2.7.1.redhat-00013.jar",
"product": {
"name": "xalan.serializer-2.7.1.redhat-00013.jar",
"product_id": "xalan.serializer-2.7.1.redhat-00013.jar",
"product_identification_helper": {
"purl": "pkg:maven/xalan/serializer@2.7.1.redhat-00013?type=jar"
}
}
},
{
"category": "product_version",
"name": "xalan.serializer-2.7.1.redhat-00013.pom",
"product": {
"name": "xalan.serializer-2.7.1.redhat-00013.pom",
"product_id": "xalan.serializer-2.7.1.redhat-00013.pom",
"product_identification_helper": {
"purl": "pkg:maven/xalan/serializer@2.7.1.redhat-00013?type=pom"
}
}
},
{
"category": "product_version",
"name": "xalan.xalan-2.7.1.redhat-00013.jar",
"product": {
"name": "xalan.xalan-2.7.1.redhat-00013.jar",
"product_id": "xalan.xalan-2.7.1.redhat-00013.jar",
"product_identification_helper": {
"purl": "pkg:maven/xalan/xalan@2.7.1.redhat-00013?type=jar"
}
}
},
{
"category": "product_version",
"name": "xalan.xalan-2.7.1.redhat-00013.pom",
"product": {
"name": "xalan.xalan-2.7.1.redhat-00013.pom",
"product_id": "xalan.xalan-2.7.1.redhat-00013.pom",
"product_identification_helper": {
"purl": "pkg:maven/xalan/xalan@2.7.1.redhat-00013?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"product": {
"name": "org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"product_id": "org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.velocity/velocity-engine-core@2.3.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"product": {
"name": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"product_id": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jgroups.kubernetes/jgroups-kubernetes@1.0.16.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"product": {
"name": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"product_id": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jgroups.kubernetes/jgroups-kubernetes@1.0.16.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"product": {
"name": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"product_id": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.activemq.artemis.integration/artemis-wildfly-integration@1.0.4.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"product": {
"name": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"product_id": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.activemq.artemis.integration/artemis-wildfly-integration@1.0.4.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"product": {
"name": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"product_id": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.bouncycastle/bcpg-jdk15on@1.68.0.redhat-00005?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"product": {
"name": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"product_id": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.bouncycastle/bcpg-jdk15on@1.68.0.redhat-00005?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"product": {
"name": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"product_id": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.68.0.redhat-00005?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"product": {
"name": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"product_id": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.bouncycastle/bcpkix-jdk15on@1.68.0.redhat-00005?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"product": {
"name": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"product_id": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.68.0.redhat-00005?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"product": {
"name": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"product_id": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.68.0.redhat-00005?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"product": {
"name": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"product_id": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.bouncycastle/bcmail-jdk15on@1.68.0.redhat-00005?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"product": {
"name": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"product_id": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.bouncycastle/bcmail-jdk15on@1.68.0.redhat-00005?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-io.commons-io-2.10.0.redhat-00001.jar",
"product": {
"name": "commons-io.commons-io-2.10.0.redhat-00001.jar",
"product_id": "commons-io.commons-io-2.10.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/commons-io/commons-io@2.10.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "commons-io.commons-io-2.10.0.redhat-00001.pom",
"product": {
"name": "commons-io.commons-io-2.10.0.redhat-00001.pom",
"product_id": "commons-io.commons-io-2.10.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-io/commons-io@2.10.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"product_id": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.marshalling/jboss-marshalling-river@2.0.12.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"product_id": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.marshalling/jboss-marshalling-river@2.0.12.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"product_id": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.marshalling/jboss-marshalling@2.0.12.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"product_id": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.marshalling/jboss-marshalling@2.0.12.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"product": {
"name": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"product_id": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jgroups/jgroups@4.2.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"product": {
"name": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"product_id": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jgroups/jgroups@4.2.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"product_id": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.classfilewriter/jboss-classfilewriter@1.2.5.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"product_id": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.classfilewriter/jboss-classfilewriter@1.2.5.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"product_id": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.invocation/jboss-invocation@1.6.3.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"product_id": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.invocation/jboss-invocation@1.6.3.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"product_id": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.modules/jboss-modules@1.12.0.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"product_id": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.modules/jboss-modules@1.12.0.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"product": {
"name": "org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"product_id": "org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.javassist/javassist@3.27.0.GA-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"product": {
"name": "org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"product_id": "org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.javassist/javassist@3.27.0.GA-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-client@5.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-client@5.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-factories@5.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-factories@5.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-jaspi@5.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-jaspi@5.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-resources@5.4.4.Final-redhat-00001?classifier=wildfly2000\u0026type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-resources@5.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-server@5.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-server@5.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-transports-udp@5.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-transports-udp@5.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-transports-undertow@5.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ws.cxf/jbossws-cxf-transports-undertow@5.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"product": {
"name": "org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"product_id": "org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish/jakarta.el@3.0.3.redhat-00007?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"product": {
"name": "org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"product_id": "org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.glassfish/jakarta.el@3.0.3.redhat-00007?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"product": {
"name": "org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"product_id": "org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jsoup/jsoup@1.14.2.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"product": {
"name": "org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"product_id": "org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jsoup/jsoup@1.14.2.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"product": {
"name": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"product_id": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.eclipse.jgit/org.eclipse.jgit.ssh.apache@5.13.0.202109080827-r-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"product": {
"name": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"product_id": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.eclipse.jgit/org.eclipse.jgit.ssh.apache@5.13.0.202109080827-r-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"product": {
"name": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"product_id": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.eclipse.jgit/org.eclipse.jgit@5.13.0.202109080827-r-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"product": {
"name": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"product_id": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.eclipse.jgit/org.eclipse.jgit@5.13.0.202109080827-r-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"product": {
"name": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"product_id": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.sshd/sshd-common@2.7.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"product": {
"name": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"product_id": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.sshd/sshd-common@2.7.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"product": {
"name": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"product_id": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.sshd/sshd-core@2.7.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"product": {
"name": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"product_id": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.sshd/sshd-core@2.7.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"product": {
"name": "org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"product_id": "org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.bitbucket.b_c/jose4j@0.7.5.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"product": {
"name": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"product_id": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.santuario/xmlsec@2.1.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"product": {
"name": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"product_id": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.santuario/xmlsec@2.1.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"product": {
"name": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"product_id": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-bindings@2.2.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"product": {
"name": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"product_id": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-bindings@2.2.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"product": {
"name": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"product_id": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-policy@2.2.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"product": {
"name": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"product_id": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-policy@2.2.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"product": {
"name": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"product_id": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-ws-security-common@2.2.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"product": {
"name": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"product_id": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-ws-security-common@2.2.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"product": {
"name": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"product_id": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.2.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"product": {
"name": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"product_id": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-ws-security-dom@2.2.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"product": {
"name": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"product_id": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-ws-security-policy-stax@2.2.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"product": {
"name": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"product_id": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-ws-security-policy-stax@2.2.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"product": {
"name": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"product_id": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-ws-security-stax@2.2.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"product": {
"name": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"product_id": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.wss4j/wss4j-ws-security-stax@2.2.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"product": {
"name": "net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"product_id": "net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/net.bytebuddy/byte-buddy-dep@1.11.12.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"product": {
"name": "net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"product_id": "net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/net.bytebuddy/byte-buddy@1.11.12.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"product": {
"name": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"product_id": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.eclipse.jdt/ecj@3.26.0.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"product": {
"name": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"product_id": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.eclipse.jdt/ecj@3.26.0.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"product": {
"name": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"product_id": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hornetq/hornetq-commons@2.4.8.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"product": {
"name": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"product_id": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hornetq/hornetq-commons@2.4.8.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"product": {
"name": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"product_id": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hornetq/hornetq-core-client@2.4.8.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"product": {
"name": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"product_id": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hornetq/hornetq-core-client@2.4.8.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"product": {
"name": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"product_id": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hornetq/hornetq-jms-client@2.4.8.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"product": {
"name": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"product_id": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hornetq/hornetq-jms-client@2.4.8.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.mod_cluster/mod_cluster-container-spi@1.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.mod_cluster/mod_cluster-container-spi@1.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.mod_cluster/mod_cluster-core@1.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.mod_cluster/mod_cluster-core@1.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"product_id": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.mod_cluster/mod_cluster-load-spi@1.4.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"product_id": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.mod_cluster/mod_cluster-load-spi@1.4.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"product": {
"name": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"product_id": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jgroups.azure/jgroups-azure@1.3.1.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"product": {
"name": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"product_id": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jgroups.azure/jgroups-azure@1.3.1.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"product": {
"name": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"product_id": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.microsoft.azure/azure-storage@8.6.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"product": {
"name": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"product_id": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.microsoft.azure/azure-storage@8.6.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security.elytron-web/undertow-server-servlet@1.9.2.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security.elytron-web/undertow-server-servlet@1.9.2.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security.elytron-web/undertow-server@1.9.2.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security.elytron-web/undertow-server@1.9.2.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.eclipse.yasson-1.0.10.redhat-00001.jar",
"product": {
"name": "org.eclipse.yasson-1.0.10.redhat-00001.jar",
"product_id": "org.eclipse.yasson-1.0.10.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.eclipse/yasson@1.0.10.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.eclipse.yasson-1.0.10.redhat-00001.pom",
"product": {
"name": "org.eclipse.yasson-1.0.10.redhat-00001.pom",
"product_id": "org.eclipse.yasson-1.0.10.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.eclipse/yasson@1.0.10.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"product": {
"name": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"product_id": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.logging.log4j/log4j-api@2.17.1.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"product": {
"name": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"product_id": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.logging.log4j/log4j-api@2.17.1.redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"product": {
"name": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"product_id": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.12.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.12.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"product": {
"name": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"product_id": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"product": {
"name": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"product_id": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.12.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.12.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"product": {
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"product_id": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.12.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.12.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"product": {
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"product_id": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.12.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.12.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"product": {
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"product_id": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.12.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-base@2.12.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"product": {
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"product_id": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.12.6.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"product": {
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"product_id": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider@2.12.6.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"product": {
"name": "com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"product_id": "com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.google.code.gson/gson@2.8.9.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"product": {
"name": "com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"product_id": "com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.google.code.gson/gson@2.8.9.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"product": {
"name": "org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"product_id": "org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.logmanager/log4j-jboss-logmanager@1.2.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "xom.xom-1.3.7.redhat-00001.jar",
"product": {
"name": "xom.xom-1.3.7.redhat-00001.jar",
"product_id": "xom.xom-1.3.7.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/xom/xom@1.3.7.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "xom.xom-1.3.7.redhat-00001.pom",
"product": {
"name": "xom.xom-1.3.7.redhat-00001.pom",
"product_id": "xom.xom-1.3.7.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/xom/xom@1.3.7.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.arjunacore/arjuna@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.arjunacore/txoj@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.compensations/compensations@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.compensations/compensations@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jta/cdi@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jta/jdbc@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jta/jms@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jta/jta@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jts/idlj-idl-jdk8@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jts/jtax@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jts/jts@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jts/narayana-jts-idlj@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jts/narayana-jts-integration@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jts/narayana-jts-integration@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.jts/orbportability@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.rts/restat-api@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.rts/restat-api@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.rts/restat-bridge@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.rts/restat-bridge@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.rts/restat-integration@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.rts/restat-integration@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.rts/restat-util@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.rts/restat-util@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.txframework/txframework@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.txframework/txframework@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/bridge@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/jbossxts@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"product": {
"name": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"product_id": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/jbossxts@5.11.4.Final-redhat-00001?classifier=api\u0026type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/recovery@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/service@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/ws-c11@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/ws-t11@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/wsas@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/wscf11@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana.xts/wstx11@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana/common@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"product_id": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana/jbosstxbridge@5.11.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"product_id": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.narayana/jbosstxbridge@5.11.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"product": {
"name": "org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"product_id": "org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.slf4j/jcl-over-slf4j@1.7.30.redhat-00004?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"product": {
"name": "org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"product_id": "org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.slf4j/slf4j-api@1.7.30.redhat-00004?type=pom"
}
}
},
{
"category": "product_version",
"name": "commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"product": {
"name": "commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"product_id": "commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"product_identification_helper": {
"purl": "pkg:maven/commons-logging/commons-logging@1.2.0.redhat-00004?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-cachestore-jdbc@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-cachestore-jdbc@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-cachestore-remote@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-cachestore-remote@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-client-hotrod@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-client-hotrod@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-commons@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-commons@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-component-annotations@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-component-annotations@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-core@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-core@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-hibernate-cache-commons@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-hibernate-cache-commons@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-hibernate-cache-spi@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-hibernate-cache-spi@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-hibernate-cache-v51@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-hibernate-cache-v51@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"product": {
"name": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"product_id": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-hibernate-cache-v53@11.0.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"product": {
"name": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"product_id": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.infinispan/infinispan-hibernate-cache-v53@11.0.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"product": {
"name": "org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"product_id": "org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.ow2.asm/asm-util@9.1.0.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"product": {
"name": "org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"product_id": "org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.ow2.asm/asm@9.1.0.redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"product": {
"name": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"product_id": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate.validator/hibernate-validator-cdi@6.0.23.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"product": {
"name": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"product_id": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate.validator/hibernate-validator@6.0.23.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"product": {
"name": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"product_id": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate.validator/hibernate-validator-cdi@6.0.23.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"product": {
"name": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"product_id": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate.validator/hibernate-validator@6.0.23.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"product_id": "org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jandex@2.4.2.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"product_id": "org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jandex@2.4.2.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.h2database.h2-1.4.197.redhat-00004.pom",
"product": {
"name": "com.h2database.h2-1.4.197.redhat-00004.pom",
"product_id": "com.h2database.h2-1.4.197.redhat-00004.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.h2database/h2@1.4.197.redhat-00004?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.h2database.h2-1.4.197.redhat-00004.jar",
"product": {
"name": "com.h2database.h2-1.4.197.redhat-00004.jar",
"product_id": "com.h2database.h2-1.4.197.redhat-00004.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.h2database/h2@1.4.197.redhat-00004?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.h2database.h2-1.4.197.redhat-00004.zip",
"product": {
"name": "com.h2database.h2-1.4.197.redhat-00004.zip",
"product_id": "com.h2database.h2-1.4.197.redhat-00004.zip",
"product_identification_helper": {
"purl": "pkg:maven/com.h2database/h2@1.4.197.redhat-00004?type=zip"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"product_id": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.transaction/wildfly-transaction-client@1.1.15.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"product_id": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.transaction/wildfly-transaction-client@1.1.15.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"product": {
"name": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"product_id": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/xerces/xercesImpl@2.12.0.SP04-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"product": {
"name": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"product_id": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/xerces/xercesImpl@2.12.0.SP04-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"product": {
"name": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"product_id": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.xnio/xnio-nio@3.8.7.SP1-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"product": {
"name": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"product_id": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.xnio/xnio-api@3.8.7.SP1-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"product": {
"name": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"product_id": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.xnio/xnio-api@3.8.7.SP1-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"product": {
"name": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"product_id": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.xnio/xnio-nio@3.8.7.SP1-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"product": {
"name": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"product_id": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jberet/jberet-core@1.3.9.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"product": {
"name": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"product_id": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jberet/jberet-core@1.3.9.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-common@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-core@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-rm@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-coloc@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-core@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-management@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-soap@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-management@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-core@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-wsdl@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxws@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-security@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-frontend-simple@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-frontend-jaxws@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-core@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-common@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-policy@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-coloc@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-frontend-jaxws@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.services.sts/cxf-services-sts-core@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-rm@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-java2ws@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-mex@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-wsdl@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-security-saml@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-core@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-features-logging@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-addr@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-security@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-jms@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-frontend-simple@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"product": {
"name": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"product_id": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-security@3.3.13.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-frontend-jaxws@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf/cxf-tools-wsdlto-databinding-jaxb@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"product": {
"name": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"product_id": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.3.13.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"product_id": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-tcnative-classes@2.0.52.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"product_id": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-tcnative-classes@2.0.52.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-http@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-udt@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-rxtx@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-dns@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-native-epoll@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-handler-proxy@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-smtp@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-handler-proxy@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-classes-epoll@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-native-unix-common@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-http2@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-classes-kqueue@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-rxtx@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-haproxy@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-dns@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-buffer@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-handler@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-socks@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-socks@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-haproxy@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-udt@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-sctp@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-resolver-dns@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-classes-kqueue@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-resolver-dns-classes-macos@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-http2@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-resolver@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-common@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-resolver@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-xml@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-buffer@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-stomp@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-xml@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-handler@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-smtp@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-mqtt@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-memcache@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-native-unix-common@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-memcache@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-resolver-dns@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-sctp@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-classes-epoll@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-resolver-dns-classes-macos@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-http@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-stomp@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"product": {
"name": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"product_id": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-transport-native-epoll@4.1.77.Final-redhat-00001?classifier=linux-x86_64\u0026type=jar"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"product": {
"name": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"product_id": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-redis@4.1.77.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"product": {
"name": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"product_id": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.netty/netty-codec-redis@4.1.77.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"product": {
"name": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"product_id": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-impl@2.5.5.SP12-redhat-00011?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"product": {
"name": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"product_id": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-idm-impl@2.5.5.SP12-redhat-00011?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"product": {
"name": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"product_id": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-common@2.5.5.SP12-redhat-00011?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"product": {
"name": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"product_id": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-idm-simple-schema@2.5.5.SP12-redhat-00011?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"product": {
"name": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"product_id": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-idm-simple-schema@2.5.5.SP12-redhat-00011?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"product": {
"name": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"product_id": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-common@2.5.5.SP12-redhat-00011?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"product": {
"name": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"product_id": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-idm-impl@2.5.5.SP12-redhat-00011?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"product": {
"name": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"product_id": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-federation@2.5.5.SP12-redhat-00011?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"product": {
"name": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"product_id": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-config@2.5.5.SP12-redhat-00011?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"product": {
"name": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"product_id": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-impl@2.5.5.SP12-redhat-00011?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"product": {
"name": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"product_id": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-api@2.5.5.SP12-redhat-00011?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"product": {
"name": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"product_id": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-idm-api@2.5.5.SP12-redhat-00011?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"product": {
"name": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"product_id": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-api@2.5.5.SP12-redhat-00011?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"product": {
"name": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"product_id": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-idm-api@2.5.5.SP12-redhat-00011?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"product": {
"name": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"product_id": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-config@2.5.5.SP12-redhat-00011?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"product": {
"name": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"product_id": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink/picketlink-federation@2.5.5.SP12-redhat-00011?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"product": {
"name": "org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"product_id": "org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketlink.distribution/picketlink-wildfly8@2.5.5.SP12-redhat-00014?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"product": {
"name": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"product_id": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.faces/jboss-jsf-api_2.3_spec@3.0.0.SP06-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"product": {
"name": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"product_id": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.spec.javax.faces/jboss-jsf-api_2.3_spec@3.0.0.SP06-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"product": {
"name": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"product_id": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1-redhat-00004?type=jar"
}
}
},
{
"category": "product_version",
"name": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"product": {
"name": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"product_id": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1-redhat-00004?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"product": {
"name": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"product_id": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox-infinispan@5.0.3.Final-redhat-00009?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox-spi-bare@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox-acl-impl@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/jbosssx@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/common-spi@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"product": {
"name": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"product_id": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox@5.0.3.Final-redhat-00009?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/jboss-security-spi@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox-infinispan@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/acl-spi@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox-bare@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/identity-spi@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/picketbox-identity-impl@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/authorization-spi@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"product": {
"name": "org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"product_id": "org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.picketbox/jbosssx-bare@5.0.3.Final-redhat-00009?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"product": {
"name": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"product_id": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.remoting/jboss-remoting@5.0.25.SP1-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"product": {
"name": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"product_id": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.remoting/jboss-remoting@5.0.25.SP1-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"product_id": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-java@2.2.3.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"product_id": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-java@2.2.3.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-ppc64le@2.2.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-ppc64le@2.2.2.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-rhel6-x86_64@2.2.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-rhel6-x86_64@2.2.2.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-rhel7-x86_64@2.2.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-rhel7-x86_64@2.2.2.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-rhel8-x86_64@2.2.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-rhel8-x86_64@2.2.2.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-rhel9-x86_64@2.2.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-rhel9-x86_64@2.2.2.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-s390x@2.2.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"product_id": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-s390x@2.2.2.Final-redhat-00002?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"product": {
"name": "org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"product_id": "org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.openssl/wildfly-openssl-windows-x86_64@2.2.2.Final-redhat-00002?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-dto@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-cli@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-jms-client@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-hqclient-protocol@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-selector@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-service-extensions@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-jdbc-store@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-tools@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-hornetq-protocol@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-server@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-ra@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-core-client@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-jms-server@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-journal@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-commons@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-jms-server@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-hqclient-protocol@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-selector@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-cli@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-jms-client@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-dto@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-hornetq-protocol@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-service-extensions@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-jdbc-store@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-tools@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-journal@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-core-client@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-commons@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"product": {
"name": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"product_id": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-ra@2.16.0.redhat-00045?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"product": {
"name": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"product_id": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.apache.activemq/artemis-server@2.16.0.redhat-00045?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"product_id": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-vfs@3.2.17.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"product_id": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-vfs@3.2.17.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-validator-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jackson2-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-json-binding-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jettison-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-crypto@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-spring@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/jose-jwt@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jsapi@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/jose-jwt@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-spring@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jaxb-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jsapi@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-client@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-client@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jaxb-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-json-p-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-atom-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-cdi@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-rxjava2@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-rxjava2@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-json-p-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-crypto@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-yaml-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jettison-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-atom-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jackson2-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-json-binding-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-validator-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-multipart-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jackson-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-cdi@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-yaml-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-multipart-provider@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"product_id": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.15.4.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"product_id": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.resteasy/resteasy-jackson-provider@3.15.4.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"product": {
"name": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"product_id": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow.jastow/jastow@2.0.11.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"product": {
"name": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"product_id": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow.jastow/jastow@2.0.11.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"product": {
"name": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"product_id": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.hal/hal-console@3.3.14.Final-redhat-00001?classifier=resources\u0026type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"product_id": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.hal/hal-console@3.3.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"product": {
"name": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"product_id": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.faces/jsf-impl@2.3.14.SP06-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"product": {
"name": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"product_id": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/com.sun.faces/jsf-impl@2.3.14.SP06-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-realm@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-deprecated@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-gssapi@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-plain@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-gs2@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-gssapi@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-jacc@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-otp@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-anonymous@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-plain@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-deprecated@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-jacc@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-audit@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-scram@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-deprecated@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-http@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-credential@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-digest@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-digest@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-realm-jdbc@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-credential-store@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-http@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-oauth2@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-stateful-basic@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-stateful-basic@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-oauth2@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-audit@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-cert@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-credential@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-deprecated@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-client@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-deprecated@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-gs2@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-realm-jdbc@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-cert-util@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-encryption@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-digest@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-cert-util@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-digest@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-server-deprecated@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-util@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-util@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-oauth2@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-client@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-deprecated@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-jaspi@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-tool@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-encryption@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-util@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-credential-source-deprecated@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-credential-source-deprecated@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-form@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-external@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-external@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-form@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-base@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-realm-token@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-localuser@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-server-sasl@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-oauth2@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-digest@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-realm-ldap@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-json-util@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-util@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-external@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-util@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-jose-jwk@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-jaspi@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-credential-source-impl@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-password-impl@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-realm-ldap@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-tool@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-localuser@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-digest@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-realm-token@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-security-manager-action@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-jose-util@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-gssapi@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-asn1@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-server-deprecated@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-credential-store@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-sso@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-sso@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-cert@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-auth-util@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-gssapi@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-external@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-json-util@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-entity@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-server-http@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-permission@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-ssl@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-spnego@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-bearer@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-auth-util@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-scram@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-server@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-asn1@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-credential-source-impl@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-keystore@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-server@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-otp@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-spnego@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-provider-util@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-provider-util@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-password-impl@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-security-manager-action@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-cert@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-anonymous@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-ssl@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-oidc@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-sasl-entity@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-realm@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-server-sasl@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-basic@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-cert@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-security-manager@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-permission@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-base@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-util@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-digest@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-cert-acme@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-keystore@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-cert-acme@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-bearer@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-principal@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-scram@1.15.14.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-scram@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-mechanism-digest@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-security-manager@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-x500-principal@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-auth-server-http@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"product_id": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.security/wildfly-elytron-http-basic@1.15.14.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"product": {
"name": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"product_id": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-ejb-client@4.0.45.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"product": {
"name": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"product_id": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss/jboss-ejb-client@4.0.45.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"product": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"product_id": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.wildfly-http-client/wildfly-http-transaction-client@1.1.13.SP1-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"product": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"product_id": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.wildfly-http-client/wildfly-http-ejb-client@1.1.13.SP1-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"product": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"product_id": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.wildfly-http-client/wildfly-http-client-common@1.1.13.SP1-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"product": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"product_id": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.wildfly-http-client/wildfly-http-naming-client@1.1.13.SP1-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"product": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"product_id": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.wildfly-http-client/wildfly-http-ejb-client@1.1.13.SP1-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"product": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"product_id": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.wildfly-http-client/wildfly-http-naming-client@1.1.13.SP1-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"product": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"product_id": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.wildfly-http-client/wildfly-http-client-common@1.1.13.SP1-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"product": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"product_id": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.wildfly-http-client/wildfly-http-transaction-client@1.1.13.SP1-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"product": {
"name": "org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"product_id": "org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-core@5.3.28.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"product": {
"name": "org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"product_id": "org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.hibernate/hibernate-envers@5.3.28.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"product_id": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-common-impl@1.5.3.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"product_id": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-common-spi@1.5.3.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"product_id": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-jdbc@1.5.3.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"product_id": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-common-api@1.5.3.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"product_id": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-core-api@1.5.3.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"product_id": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-core-api@1.5.3.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"product_id": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-common-api@1.5.3.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"product_id": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-jdbc@1.5.3.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"product_id": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-common-impl@1.5.3.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"product_id": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-deployers-common@1.5.3.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"product_id": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-core-impl@1.5.3.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"product_id": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-common-spi@1.5.3.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"product_id": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-validator@1.5.3.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"product_id": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-core-impl@1.5.3.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"product_id": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-deployers-common@1.5.3.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"product": {
"name": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"product_id": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.ironjacamar/ironjacamar-validator@1.5.3.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"product": {
"name": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"product_id": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow/undertow-core@2.2.19.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"product": {
"name": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"product_id": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow/undertow-servlet@2.2.19.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"product": {
"name": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"product_id": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow/undertow-servlet@2.2.19.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"product": {
"name": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"product_id": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow/undertow-core@2.2.19.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"product": {
"name": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"product_id": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.19.SP2-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"product": {
"name": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"product_id": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.19.SP2-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"product": {
"name": "org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"product_id": "org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.yaml/snakeyaml@1.31.0.redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"product": {
"name": "org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"product_id": "org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.yaml/snakeyaml@1.31.0.redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-io@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-domain-management@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-core-security-api@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-core-management-client@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-platform-mbean@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-elytron-tool-wrapper@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-version@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-domain-http-error-context@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-patching@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-logging@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-discovery@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-core-security@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-network@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-security-manager@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-cli@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-domain-http-interface@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-security-manager@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-launcher@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-domain-http-interface@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-core-security@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-launcher@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-domain-management@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-logging@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-core-management-client@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-process-controller@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-core-security-api@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-request-controller@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-version@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-server@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-domain-http-error-context@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-controller@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-host-controller@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-remoting@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-event-logger@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-deployment-scanner@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-threads@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-management-client-content@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-elytron-integration@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-threads@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-elytron-integration@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"product": {
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"product_id": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-cli@15.0.18.Final-redhat-00001?classifier=client\u0026type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-management-client-content@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-embedded@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-event-logger@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-controller@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-elytron-tool-wrapper@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-deployment-repository@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-jmx@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-remoting@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-jmx@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-process-controller@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-server@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-core-management-subsystem@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-deployment-repository@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-host-controller@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-protocol@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-request-controller@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-embedded@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-deployment-scanner@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-network@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-discovery@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-cli@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-protocol@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-controller-client@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-io@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"product": {
"name": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"product_id": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-platform-mbean@15.0.18.Final-redhat-00001?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-patching@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-core-management-subsystem@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"product": {
"name": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"product_id": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.wildfly.core/wildfly-controller-client@15.0.18.Final-redhat-00001?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.1@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly15.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap6.4@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-core@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly14.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.0@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.2-to-eap7.4@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.4-to-eap7.4@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly16.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly17.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.0-to-eap7.4@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.2@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly8.2@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly10.1@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly22.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly8.2@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-cli@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap6.4-to-eap7.4@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly19.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.4-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly21.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly11.0@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly10.1@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.2-to-eap7.4@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly13.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly17.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly13.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly21.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.1-to-eap7.4@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.3-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly11.0@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.1-to-eap7.4@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly15.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.0@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap6.4@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly12.0@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly16.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.0-to-eap7.4@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.4-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly22.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.3-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.2@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap6.4-to-eap7.4@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly14.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly9.0@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-core@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.1@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly18.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly20.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly19.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.4-to-eap7.4@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-cli@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly9.0@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.3-to-eap7.4@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly18.0-server@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly20.0-server@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly10.0@1.10.0.Final-redhat-00019?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-eap7.3-to-eap7.4@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly10.0@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"product": {
"name": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"product_id": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.migration/jboss-server-migration-wildfly12.0@1.10.0.Final-redhat-00019?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-messaging@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-marshalling-api@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-cache@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jpa@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-marshalling-protostream@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-infinispan-marshalling@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ee-hotrod@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ee-infinispan@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-jgroups-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-webservices-server-integration@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-configadmin@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jaxr@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-ejb@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-undertow@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-metrics@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-picketlink@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-bean-validation@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-ee-security@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-hibernate5@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-web@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-mod_cluster-undertow@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-hibernate5-3@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security-integration@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-infinispan-extension@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-infinispan-client@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-cmp@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-api@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-common@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-system-jmx@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-ejb3@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security-plugins@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-ee@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ejb-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jaxrs@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-extension@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-hotrod@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-jpa@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ee-cache@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-singleton-extension@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-transactions@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-jgroups-extension@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jacorb@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-infinispan-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-mail@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-hotrod@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-marshalling-jboss@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jsf@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-rts@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-container@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-messaging-activemq@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-web-common@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-common@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-pojo@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-singleton-api@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-iiop-openjdk@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-health@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-hibernate4-3@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security-integration@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security-vault-tool@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-ormtransformer@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-server@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jsf-injection@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-naming@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security-api@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-jgroups-api@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-batch-jberet@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-hibernate4-1@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-marshalling-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-sar@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-undertow@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-client-all@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-xts@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ejb-infinispan@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-configadmin@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-transactions@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-mod_cluster-extension@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ee-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-common@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-appclient@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-eclipselink@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-connector@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-openjpa@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jdr@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-client-properties@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-api@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-webservices@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-service@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-messaging@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ee-cache@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-appclient@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-web@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-ee-security@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-picketlink@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jpa@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-bean-validation@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-infinispan-marshalling@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-marshalling-api@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-hibernate5@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-webservices-server-integration@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ee-infinispan@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-datasources-agroal@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-mod_cluster-undertow@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-metrics@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ejb-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-iiop-openjdk@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-infinispan@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-undertow@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-ejb3@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-transactions@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jsr77@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-ee@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-bean-validation@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jaxrs@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-cmp@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security-plugins@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-ejb@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jacorb@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-infinispan-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-system-jmx@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-infinispan-extension@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-infinispan-client@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-jpa@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-pojo@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-singleton-extension@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jsr77@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-infinispan@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-extension@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-api@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security-api@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-jgroups-extension@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jsf-injection@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-server@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-messaging-activemq@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-rts@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-hibernate4-1@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jsf@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-marshalling-spi@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-sar@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-jgroups-api@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-hibernate4-3@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-ormtransformer@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-batch-jberet@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-marshalling-jboss@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-health@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-security-vault-tool@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-singleton-api@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-transactions@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ee-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ejb-infinispan@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-hibernate5-3@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-undertow@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-cache@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-datasources-agroal@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-xts@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-jgroups-spi@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-ee-hotrod@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-marshalling-protostream@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-bean-validation@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jaxr@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-web-common@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-container@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-service@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-webservices@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-naming@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-mail@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-jdr@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-weld-common@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-eclipselink@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/jipijapa-openjpa@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"product": {
"name": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"product_id": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-client-properties@7.4.7.GA-redhat-00003?type=pom"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-clustering-web-api@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-connector@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"product": {
"name": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"product_id": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"product_identification_helper": {
"purl": "pkg:maven/org.jboss.eap/wildfly-mod_cluster-extension@7.4.7.GA-redhat-00003?type=jar"
}
}
},
{
"category": "product_version",
"name": "None.artemis-service.exe-None",
"product": {
"name": "None.artemis-service.exe-None",
"product_id": "None.artemis-service.exe-None",
"product_identification_helper": {
"purl": "pkg:generic/artemis-service.exe?checksum=sha256%3A05bc731b6e9aeb859b74aa2ee27e5fc4d2bafbe938002b06805f9bce18c6e928"
}
}
},
{
"category": "product_version",
"name": "None.libnetty_transport_native_epoll_x86_64.so-None",
"product": {
"name": "None.libnetty_transport_native_epoll_x86_64.so-None",
"product_id": "None.libnetty_transport_native_epoll_x86_64.so-None",
"product_identification_helper": {
"purl": "pkg:generic/libnetty_transport_native_epoll_x86_64.so?checksum=sha256%3A55b37d78ede4ee3d2bc5113cc5663d6f60904dd5120c3580bd0cf0c573fe60ef"
}
}
},
{
"category": "product_version",
"name": "None.pom.xml-None",
"product": {
"name": "None.pom.xml-None",
"product_id": "None.pom.xml-None",
"product_identification_helper": {
"purl": "pkg:generic/pom.xml?checksum=sha256%3A5511eda6d621beee621d1acc89622695c5639b47117a349e61ba8d26ce5a0c25"
}
}
},
{
"category": "product_version",
"name": "None.jansi.dll-None",
"product": {
"name": "None.jansi.dll-None",
"product_id": "None.jansi.dll-None",
"product_identification_helper": {
"purl": "pkg:generic/jansi.dll?checksum=sha256%3A53ee8a237fdb98d10ef0bc6662e5cff0f7cd8e6fd2931998f8a2933724bc8fb2"
}
}
},
{
"category": "product_version",
"name": "None.libjansi.so-None",
"product": {
"name": "None.libjansi.so-None",
"product_id": "None.libjansi.so-None",
"product_identification_helper": {
"purl": "pkg:generic/libjansi.so?checksum=sha256%3A32eed337cfccf6f651dd04bb0fb051f558887bb69fe4b50903f4d28269d952e7"
}
}
},
{
"category": "product_version",
"name": "None.once-1.4.0",
"product": {
"name": "None.once-1.4.0",
"product_id": "None.once-1.4.0",
"product_identification_helper": {
"purl": "pkg:npm/once@1.4.0"
}
}
},
{
"category": "product_version",
"name": "None.json-schema-traverse-0.4.1",
"product": {
"name": "None.json-schema-traverse-0.4.1",
"product_id": "None.json-schema-traverse-0.4.1",
"product_identification_helper": {
"purl": "pkg:npm/json-schema-traverse@0.4.1"
}
}
},
{
"category": "product_version",
"name": "None.supports-color-2.0.0",
"product": {
"name": "None.supports-color-2.0.0",
"product_id": "None.supports-color-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/supports-color@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.is-fullwidth-code-point-2.0.0",
"product": {
"name": "None.is-fullwidth-code-point-2.0.0",
"product_id": "None.is-fullwidth-code-point-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-fullwidth-code-point@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.supports-color-5.5.0",
"product": {
"name": "None.supports-color-5.5.0",
"product_id": "None.supports-color-5.5.0",
"product_identification_helper": {
"purl": "pkg:npm/supports-color@5.5.0"
}
}
},
{
"category": "product_version",
"name": "None.caseless-0.12.0",
"product": {
"name": "None.caseless-0.12.0",
"product_id": "None.caseless-0.12.0",
"product_identification_helper": {
"purl": "pkg:npm/caseless@0.12.0"
}
}
},
{
"category": "product_version",
"name": "None.debug-2.6.9",
"product": {
"name": "None.debug-2.6.9",
"product_id": "None.debug-2.6.9",
"product_identification_helper": {
"purl": "pkg:npm/debug@2.6.9"
}
}
},
{
"category": "product_version",
"name": "None.resolve-1.11.1",
"product": {
"name": "None.resolve-1.11.1",
"product_id": "None.resolve-1.11.1",
"product_identification_helper": {
"purl": "pkg:npm/resolve@1.11.1"
}
}
},
{
"category": "product_version",
"name": "None.esprima-4.0.1",
"product": {
"name": "None.esprima-4.0.1",
"product_id": "None.esprima-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/esprima@4.0.1"
}
}
},
{
"category": "product_version",
"name": "None.source-map-0.6.1",
"product": {
"name": "None.source-map-0.6.1",
"product_id": "None.source-map-0.6.1",
"product_identification_helper": {
"purl": "pkg:npm/source-map@0.6.1"
}
}
},
{
"category": "product_version",
"name": "None.source-map-0.5.7",
"product": {
"name": "None.source-map-0.5.7",
"product_id": "None.source-map-0.5.7",
"product_identification_helper": {
"purl": "pkg:npm/source-map@0.5.7"
}
}
},
{
"category": "product_version",
"name": "None.ansi-regex-2.1.1",
"product": {
"name": "None.ansi-regex-2.1.1",
"product_id": "None.ansi-regex-2.1.1",
"product_identification_helper": {
"purl": "pkg:npm/ansi-regex@2.1.1"
}
}
},
{
"category": "product_version",
"name": "None.minimist-0.0.8",
"product": {
"name": "None.minimist-0.0.8",
"product_id": "None.minimist-0.0.8",
"product_identification_helper": {
"purl": "pkg:npm/minimist@0.0.8"
}
}
},
{
"category": "product_version",
"name": "None.ecc-jsbn-0.1.2",
"product": {
"name": "None.ecc-jsbn-0.1.2",
"product_id": "None.ecc-jsbn-0.1.2",
"product_identification_helper": {
"purl": "pkg:npm/ecc-jsbn@0.1.2"
}
}
},
{
"category": "product_version",
"name": "None.spdx-correct-3.1.0",
"product": {
"name": "None.spdx-correct-3.1.0",
"product_id": "None.spdx-correct-3.1.0",
"product_identification_helper": {
"purl": "pkg:npm/spdx-correct@3.1.0"
}
}
},
{
"category": "product_version",
"name": "None.pify-4.0.1",
"product": {
"name": "None.pify-4.0.1",
"product_id": "None.pify-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/pify@4.0.1"
}
}
},
{
"category": "product_version",
"name": "None.color-name-1.1.3",
"product": {
"name": "None.color-name-1.1.3",
"product_id": "None.color-name-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/color-name@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.balanced-match-1.0.0",
"product": {
"name": "None.balanced-match-1.0.0",
"product_id": "None.balanced-match-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/balanced-match@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.argparse-1.0.10",
"product": {
"name": "None.argparse-1.0.10",
"product_id": "None.argparse-1.0.10",
"product_identification_helper": {
"purl": "pkg:npm/argparse@1.0.10"
}
}
},
{
"category": "product_version",
"name": "None.aws4-1.8.0",
"product": {
"name": "None.aws4-1.8.0",
"product_id": "None.aws4-1.8.0",
"product_identification_helper": {
"purl": "pkg:npm/aws4@1.8.0"
}
}
},
{
"category": "product_version",
"name": "None.jsprim-1.4.1",
"product": {
"name": "None.jsprim-1.4.1",
"product_id": "None.jsprim-1.4.1",
"product_identification_helper": {
"purl": "pkg:npm/jsprim@1.4.1"
}
}
},
{
"category": "product_version",
"name": "None.immediate-3.0.6",
"product": {
"name": "None.immediate-3.0.6",
"product_id": "None.immediate-3.0.6",
"product_identification_helper": {
"purl": "pkg:npm/immediate@3.0.6"
}
}
},
{
"category": "product_version",
"name": "None.path-is-absolute-1.0.1",
"product": {
"name": "None.path-is-absolute-1.0.1",
"product_id": "None.path-is-absolute-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/path-is-absolute@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.duplexer-0.1.1",
"product": {
"name": "None.duplexer-0.1.1",
"product_id": "None.duplexer-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/duplexer@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.p-try-1.0.0",
"product": {
"name": "None.p-try-1.0.0",
"product_id": "None.p-try-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/p-try@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.has-ansi-2.0.0",
"product": {
"name": "None.has-ansi-2.0.0",
"product_id": "None.has-ansi-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/has-ansi@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.domutils-1.5.1",
"product": {
"name": "None.domutils-1.5.1",
"product_id": "None.domutils-1.5.1",
"product_identification_helper": {
"purl": "pkg:npm/domutils@1.5.1"
}
}
},
{
"category": "product_version",
"name": "None.json-parse-better-errors-1.0.2",
"product": {
"name": "None.json-parse-better-errors-1.0.2",
"product_id": "None.json-parse-better-errors-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/json-parse-better-errors@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.performance-now-2.1.0",
"product": {
"name": "None.performance-now-2.1.0",
"product_id": "None.performance-now-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/performance-now@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.domhandler-2.3.0",
"product": {
"name": "None.domhandler-2.3.0",
"product_id": "None.domhandler-2.3.0",
"product_identification_helper": {
"purl": "pkg:npm/domhandler@2.3.0"
}
}
},
{
"category": "product_version",
"name": "None.js-yaml-3.13.1",
"product": {
"name": "None.js-yaml-3.13.1",
"product_id": "None.js-yaml-3.13.1",
"product_identification_helper": {
"purl": "pkg:npm/js-yaml@3.13.1"
}
}
},
{
"category": "product_version",
"name": "None.isarray-1.0.0",
"product": {
"name": "None.isarray-1.0.0",
"product_id": "None.isarray-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/isarray@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.htmlparser2-3.8.3",
"product": {
"name": "None.htmlparser2-3.8.3",
"product_id": "None.htmlparser2-3.8.3",
"product_identification_helper": {
"purl": "pkg:npm/htmlparser2@3.8.3"
}
}
},
{
"category": "product_version",
"name": "None.read-pkg-3.0.0",
"product": {
"name": "None.read-pkg-3.0.0",
"product_id": "None.read-pkg-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/read-pkg@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.fast-levenshtein-2.0.6",
"product": {
"name": "None.fast-levenshtein-2.0.6",
"product_id": "None.fast-levenshtein-2.0.6",
"product_identification_helper": {
"purl": "pkg:npm/fast-levenshtein@2.0.6"
}
}
},
{
"category": "product_version",
"name": "None.entities-1.0.0",
"product": {
"name": "None.entities-1.0.0",
"product_id": "None.entities-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/entities@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.jsesc-2.5.2",
"product": {
"name": "None.jsesc-2.5.2",
"product_id": "None.jsesc-2.5.2",
"product_identification_helper": {
"purl": "pkg:npm/jsesc@2.5.2"
}
}
},
{
"category": "product_version",
"name": "None.verror-1.10.0",
"product": {
"name": "None.verror-1.10.0",
"product_id": "None.verror-1.10.0",
"product_identification_helper": {
"purl": "pkg:npm/verror@1.10.0"
}
}
},
{
"category": "product_version",
"name": "None.assert-plus-1.0.0",
"product": {
"name": "None.assert-plus-1.0.0",
"product_id": "None.assert-plus-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/assert-plus@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.chalk-1.1.3",
"product": {
"name": "None.chalk-1.1.3",
"product_id": "None.chalk-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/chalk@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.ansi-styles-2.2.1",
"product": {
"name": "None.ansi-styles-2.2.1",
"product_id": "None.ansi-styles-2.2.1",
"product_identification_helper": {
"purl": "pkg:npm/ansi-styles@2.2.1"
}
}
},
{
"category": "product_version",
"name": "None.inherits-2.0.3",
"product": {
"name": "None.inherits-2.0.3",
"product_id": "None.inherits-2.0.3",
"product_identification_helper": {
"purl": "pkg:npm/inherits@2.0.3"
}
}
},
{
"category": "product_version",
"name": "None.dashdash-1.14.1",
"product": {
"name": "None.dashdash-1.14.1",
"product_id": "None.dashdash-1.14.1",
"product_identification_helper": {
"purl": "pkg:npm/dashdash@1.14.1"
}
}
},
{
"category": "product_version",
"name": "None.strip-bom-3.0.0",
"product": {
"name": "None.strip-bom-3.0.0",
"product_id": "None.strip-bom-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/strip-bom@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.extend-3.0.2",
"product": {
"name": "None.extend-3.0.2",
"product_id": "None.extend-3.0.2",
"product_identification_helper": {
"purl": "pkg:npm/extend@3.0.2"
}
}
},
{
"category": "product_version",
"name": "None.tunnel-agent-0.6.0",
"product": {
"name": "None.tunnel-agent-0.6.0",
"product_id": "None.tunnel-agent-0.6.0",
"product_identification_helper": {
"purl": "pkg:npm/tunnel-agent@0.6.0"
}
}
},
{
"category": "product_version",
"name": "None.aws-sign2-0.7.0",
"product": {
"name": "None.aws-sign2-0.7.0",
"product_id": "None.aws-sign2-0.7.0",
"product_identification_helper": {
"purl": "pkg:npm/aws-sign2@0.7.0"
}
}
},
{
"category": "product_version",
"name": "None.json-schema-0.2.3",
"product": {
"name": "None.json-schema-0.2.3",
"product_id": "None.json-schema-0.2.3",
"product_identification_helper": {
"purl": "pkg:npm/json-schema@0.2.3"
}
}
},
{
"category": "product_version",
"name": "None.parse-json-4.0.0",
"product": {
"name": "None.parse-json-4.0.0",
"product_id": "None.parse-json-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/parse-json@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.punycode-2.1.1",
"product": {
"name": "None.punycode-2.1.1",
"product_id": "None.punycode-2.1.1",
"product_identification_helper": {
"purl": "pkg:npm/punycode@2.1.1"
}
}
},
{
"category": "product_version",
"name": "None.js-tokens-3.0.2",
"product": {
"name": "None.js-tokens-3.0.2",
"product_id": "None.js-tokens-3.0.2",
"product_identification_helper": {
"purl": "pkg:npm/js-tokens@3.0.2"
}
}
},
{
"category": "product_version",
"name": "None.find-up-2.1.0",
"product": {
"name": "None.find-up-2.1.0",
"product_id": "None.find-up-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/find-up@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.brace-expansion-1.1.11",
"product": {
"name": "None.brace-expansion-1.1.11",
"product_id": "None.brace-expansion-1.1.11",
"product_identification_helper": {
"purl": "pkg:npm/brace-expansion@1.1.11"
}
}
},
{
"category": "product_version",
"name": "None.sprintf-js-1.0.3",
"product": {
"name": "None.sprintf-js-1.0.3",
"product_id": "None.sprintf-js-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/sprintf-js@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.error-ex-1.3.2",
"product": {
"name": "None.error-ex-1.3.2",
"product_id": "None.error-ex-1.3.2",
"product_identification_helper": {
"purl": "pkg:npm/error-ex@1.3.2"
}
}
},
{
"category": "product_version",
"name": "None.request-2.88.0",
"product": {
"name": "None.request-2.88.0",
"product_id": "None.request-2.88.0",
"product_identification_helper": {
"purl": "pkg:npm/request@2.88.0"
}
}
},
{
"category": "product_version",
"name": "None.prelude-ls-1.1.2",
"product": {
"name": "None.prelude-ls-1.1.2",
"product_id": "None.prelude-ls-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/prelude-ls@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.delayed-stream-1.0.0",
"product": {
"name": "None.delayed-stream-1.0.0",
"product_id": "None.delayed-stream-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/delayed-stream@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.uri-js-4.2.2",
"product": {
"name": "None.uri-js-4.2.2",
"product_id": "None.uri-js-4.2.2",
"product_identification_helper": {
"purl": "pkg:npm/uri-js@4.2.2"
}
}
},
{
"category": "product_version",
"name": "None.forever-agent-0.6.1",
"product": {
"name": "None.forever-agent-0.6.1",
"product_id": "None.forever-agent-0.6.1",
"product_identification_helper": {
"purl": "pkg:npm/forever-agent@0.6.1"
}
}
},
{
"category": "product_version",
"name": "None.har-validator-5.1.3",
"product": {
"name": "None.har-validator-5.1.3",
"product_id": "None.har-validator-5.1.3",
"product_identification_helper": {
"purl": "pkg:npm/har-validator@5.1.3"
}
}
},
{
"category": "product_version",
"name": "None.is-buffer-2.0.3",
"product": {
"name": "None.is-buffer-2.0.3",
"product_id": "None.is-buffer-2.0.3",
"product_identification_helper": {
"purl": "pkg:npm/is-buffer@2.0.3"
}
}
},
{
"category": "product_version",
"name": "None.pify-3.0.0",
"product": {
"name": "None.pify-3.0.0",
"product_id": "None.pify-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/pify@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.ansi-regex-4.1.0",
"product": {
"name": "None.ansi-regex-4.1.0",
"product_id": "None.ansi-regex-4.1.0",
"product_identification_helper": {
"purl": "pkg:npm/ansi-regex@4.1.0"
}
}
},
{
"category": "product_version",
"name": "None.supports-color-6.1.0",
"product": {
"name": "None.supports-color-6.1.0",
"product_id": "None.supports-color-6.1.0",
"product_identification_helper": {
"purl": "pkg:npm/supports-color@6.1.0"
}
}
},
{
"category": "product_version",
"name": "None.debug-4.1.1",
"product": {
"name": "None.debug-4.1.1",
"product_id": "None.debug-4.1.1",
"product_identification_helper": {
"purl": "pkg:npm/debug@4.1.1"
}
}
},
{
"category": "product_version",
"name": "None.concat-map-0.0.1",
"product": {
"name": "None.concat-map-0.0.1",
"product_id": "None.concat-map-0.0.1",
"product_identification_helper": {
"purl": "pkg:npm/concat-map@0.0.1"
}
}
},
{
"category": "product_version",
"name": "None.wrappy-1.0.2",
"product": {
"name": "None.wrappy-1.0.2",
"product_id": "None.wrappy-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/wrappy@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.tough-cookie-2.4.3",
"product": {
"name": "None.tough-cookie-2.4.3",
"product_id": "None.tough-cookie-2.4.3",
"product_identification_helper": {
"purl": "pkg:npm/tough-cookie@2.4.3"
}
}
},
{
"category": "product_version",
"name": "None.parse-json-2.2.0",
"product": {
"name": "None.parse-json-2.2.0",
"product_id": "None.parse-json-2.2.0",
"product_identification_helper": {
"purl": "pkg:npm/parse-json@2.2.0"
}
}
},
{
"category": "product_version",
"name": "None.getpass-0.1.7",
"product": {
"name": "None.getpass-0.1.7",
"product_id": "None.getpass-0.1.7",
"product_identification_helper": {
"purl": "pkg:npm/getpass@0.1.7"
}
}
},
{
"category": "product_version",
"name": "None.abbrev-1.1.1",
"product": {
"name": "None.abbrev-1.1.1",
"product_id": "None.abbrev-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/abbrev@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.readable-stream-1.1.14",
"product": {
"name": "None.readable-stream-1.1.14",
"product_id": "None.readable-stream-1.1.14",
"product_identification_helper": {
"purl": "pkg:npm/readable-stream@1.1.14"
}
}
},
{
"category": "product_version",
"name": "None.loose-envify-1.4.0",
"product": {
"name": "None.loose-envify-1.4.0",
"product_id": "None.loose-envify-1.4.0",
"product_identification_helper": {
"purl": "pkg:npm/loose-envify@1.4.0"
}
}
},
{
"category": "product_version",
"name": "None.readable-stream-3.4.0",
"product": {
"name": "None.readable-stream-3.4.0",
"product_id": "None.readable-stream-3.4.0",
"product_identification_helper": {
"purl": "pkg:npm/readable-stream@3.4.0"
}
}
},
{
"category": "product_version",
"name": "None.rimraf-2.6.3",
"product": {
"name": "None.rimraf-2.6.3",
"product_id": "None.rimraf-2.6.3",
"product_identification_helper": {
"purl": "pkg:npm/rimraf@2.6.3"
}
}
},
{
"category": "product_version",
"name": "None.oauth-sign-0.9.0",
"product": {
"name": "None.oauth-sign-0.9.0",
"product_id": "None.oauth-sign-0.9.0",
"product_identification_helper": {
"purl": "pkg:npm/oauth-sign@0.9.0"
}
}
},
{
"category": "product_version",
"name": "None.marked-0.7.0",
"product": {
"name": "None.marked-0.7.0",
"product_id": "None.marked-0.7.0",
"product_identification_helper": {
"purl": "pkg:npm/marked@0.7.0"
}
}
},
{
"category": "product_version",
"name": "None.babel-code-frame-6.26.0",
"product": {
"name": "None.babel-code-frame-6.26.0",
"product_id": "None.babel-code-frame-6.26.0",
"product_identification_helper": {
"purl": "pkg:npm/babel-code-frame@6.26.0"
}
}
},
{
"category": "product_version",
"name": "None.p-locate-2.0.0",
"product": {
"name": "None.p-locate-2.0.0",
"product_id": "None.p-locate-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/p-locate@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.levn-0.3.0",
"product": {
"name": "None.levn-0.3.0",
"product_id": "None.levn-0.3.0",
"product_identification_helper": {
"purl": "pkg:npm/levn@0.3.0"
}
}
},
{
"category": "product_version",
"name": "None.path-exists-3.0.0",
"product": {
"name": "None.path-exists-3.0.0",
"product_id": "None.path-exists-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/path-exists@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.uniq-1.0.1",
"product": {
"name": "None.uniq-1.0.1",
"product_id": "None.uniq-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/uniq@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.is-arrayish-0.2.1",
"product": {
"name": "None.is-arrayish-0.2.1",
"product_id": "None.is-arrayish-0.2.1",
"product_identification_helper": {
"purl": "pkg:npm/is-arrayish@0.2.1"
}
}
},
{
"category": "product_version",
"name": "None.inflight-1.0.6",
"product": {
"name": "None.inflight-1.0.6",
"product_id": "None.inflight-1.0.6",
"product_identification_helper": {
"purl": "pkg:npm/inflight@1.0.6"
}
}
},
{
"category": "product_version",
"name": "None.fast-deep-equal-2.0.1",
"product": {
"name": "None.fast-deep-equal-2.0.1",
"product_id": "None.fast-deep-equal-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/fast-deep-equal@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.form-data-2.3.3",
"product": {
"name": "None.form-data-2.3.3",
"product_id": "None.form-data-2.3.3",
"product_identification_helper": {
"purl": "pkg:npm/form-data@2.3.3"
}
}
},
{
"category": "product_version",
"name": "None.locate-path-2.0.0",
"product": {
"name": "None.locate-path-2.0.0",
"product_id": "None.locate-path-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/locate-path@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.escape-html-1.0.3",
"product": {
"name": "None.escape-html-1.0.3",
"product_id": "None.escape-html-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/escape-html@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.mime-db-1.40.0",
"product": {
"name": "None.mime-db-1.40.0",
"product_id": "None.mime-db-1.40.0",
"product_identification_helper": {
"purl": "pkg:npm/mime-db@1.40.0"
}
}
},
{
"category": "product_version",
"name": "None.isstream-0.1.2",
"product": {
"name": "None.isstream-0.1.2",
"product_id": "None.isstream-0.1.2",
"product_identification_helper": {
"purl": "pkg:npm/isstream@0.1.2"
}
}
},
{
"category": "product_version",
"name": "None.signal-exit-3.0.2",
"product": {
"name": "None.signal-exit-3.0.2",
"product_id": "None.signal-exit-3.0.2",
"product_identification_helper": {
"purl": "pkg:npm/signal-exit@3.0.2"
}
}
},
{
"category": "product_version",
"name": "None.optionator-0.8.2",
"product": {
"name": "None.optionator-0.8.2",
"product_id": "None.optionator-0.8.2",
"product_identification_helper": {
"purl": "pkg:npm/optionator@0.8.2"
}
}
},
{
"category": "product_version",
"name": "None.core-util-is-1.0.2",
"product": {
"name": "None.core-util-is-1.0.2",
"product_id": "None.core-util-is-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/core-util-is@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.domhandler-2.4.2",
"product": {
"name": "None.domhandler-2.4.2",
"product_id": "None.domhandler-2.4.2",
"product_identification_helper": {
"purl": "pkg:npm/domhandler@2.4.2"
}
}
},
{
"category": "product_version",
"name": "None.escape-string-regexp-1.0.5",
"product": {
"name": "None.escape-string-regexp-1.0.5",
"product_id": "None.escape-string-regexp-1.0.5",
"product_identification_helper": {
"purl": "pkg:npm/escape-string-regexp@1.0.5"
}
}
},
{
"category": "product_version",
"name": "None.fast-json-stable-stringify-2.0.0",
"product": {
"name": "None.fast-json-stable-stringify-2.0.0",
"product_id": "None.fast-json-stable-stringify-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/fast-json-stable-stringify@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.trim-right-1.0.1",
"product": {
"name": "None.trim-right-1.0.1",
"product_id": "None.trim-right-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/trim-right@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.iconv-lite-0.4.24",
"product": {
"name": "None.iconv-lite-0.4.24",
"product_id": "None.iconv-lite-0.4.24",
"product_identification_helper": {
"purl": "pkg:npm/iconv-lite@0.4.24"
}
}
},
{
"category": "product_version",
"name": "None.os-tmpdir-1.0.2",
"product": {
"name": "None.os-tmpdir-1.0.2",
"product_id": "None.os-tmpdir-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/os-tmpdir@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.util-deprecate-1.0.2",
"product": {
"name": "None.util-deprecate-1.0.2",
"product_id": "None.util-deprecate-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/util-deprecate@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.ms-2.1.2",
"product": {
"name": "None.ms-2.1.2",
"product_id": "None.ms-2.1.2",
"product_identification_helper": {
"purl": "pkg:npm/ms@2.1.2"
}
}
},
{
"category": "product_version",
"name": "None.has-flag-3.0.0",
"product": {
"name": "None.has-flag-3.0.0",
"product_id": "None.has-flag-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/has-flag@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.tweetnacl-0.14.5",
"product": {
"name": "None.tweetnacl-0.14.5",
"product_id": "None.tweetnacl-0.14.5",
"product_identification_helper": {
"purl": "pkg:npm/tweetnacl@0.14.5"
}
}
},
{
"category": "product_version",
"name": "None.safer-buffer-2.1.2",
"product": {
"name": "None.safer-buffer-2.1.2",
"product_id": "None.safer-buffer-2.1.2",
"product_identification_helper": {
"purl": "pkg:npm/safer-buffer@2.1.2"
}
}
},
{
"category": "product_version",
"name": "None.bcrypt-pbkdf-1.0.2",
"product": {
"name": "None.bcrypt-pbkdf-1.0.2",
"product_id": "None.bcrypt-pbkdf-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/bcrypt-pbkdf@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.wordwrap-1.0.0",
"product": {
"name": "None.wordwrap-1.0.0",
"product_id": "None.wordwrap-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/wordwrap@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.json-stringify-safe-5.0.1",
"product": {
"name": "None.json-stringify-safe-5.0.1",
"product_id": "None.json-stringify-safe-5.0.1",
"product_identification_helper": {
"purl": "pkg:npm/json-stringify-safe@5.0.1"
}
}
},
{
"category": "product_version",
"name": "None.entities-1.1.2",
"product": {
"name": "None.entities-1.1.2",
"product_id": "None.entities-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/entities@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.pinkie-promise-2.0.1",
"product": {
"name": "None.pinkie-promise-2.0.1",
"product_id": "None.pinkie-promise-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/pinkie-promise@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.htmlparser2-3.10.1",
"product": {
"name": "None.htmlparser2-3.10.1",
"product_id": "None.htmlparser2-3.10.1",
"product_identification_helper": {
"purl": "pkg:npm/htmlparser2@3.10.1"
}
}
},
{
"category": "product_version",
"name": "None.load-json-file-4.0.0",
"product": {
"name": "None.load-json-file-4.0.0",
"product_id": "None.load-json-file-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/load-json-file@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.commander-2.20.0",
"product": {
"name": "None.commander-2.20.0",
"product_id": "None.commander-2.20.0",
"product_identification_helper": {
"purl": "pkg:npm/commander@2.20.0"
}
}
},
{
"category": "product_version",
"name": "None.color-convert-1.9.3",
"product": {
"name": "None.color-convert-1.9.3",
"product_id": "None.color-convert-1.9.3",
"product_identification_helper": {
"purl": "pkg:npm/color-convert@1.9.3"
}
}
},
{
"category": "product_version",
"name": "None.asynckit-0.4.0",
"product": {
"name": "None.asynckit-0.4.0",
"product_id": "None.asynckit-0.4.0",
"product_identification_helper": {
"purl": "pkg:npm/asynckit@0.4.0"
}
}
},
{
"category": "product_version",
"name": "None.path-parse-1.0.6",
"product": {
"name": "None.path-parse-1.0.6",
"product_id": "None.path-parse-1.0.6",
"product_identification_helper": {
"purl": "pkg:npm/path-parse@1.0.6"
}
}
},
{
"category": "product_version",
"name": "None.mime-1.6.0",
"product": {
"name": "None.mime-1.6.0",
"product_id": "None.mime-1.6.0",
"product_identification_helper": {
"purl": "pkg:npm/mime@1.6.0"
}
}
},
{
"category": "product_version",
"name": "None.spdx-expression-parse-3.0.0",
"product": {
"name": "None.spdx-expression-parse-3.0.0",
"product_id": "None.spdx-expression-parse-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/spdx-expression-parse@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.convert-source-map-1.6.0",
"product": {
"name": "None.convert-source-map-1.6.0",
"product_id": "None.convert-source-map-1.6.0",
"product_identification_helper": {
"purl": "pkg:npm/convert-source-map@1.6.0"
}
}
},
{
"category": "product_version",
"name": "None.string_decoder-0.10.31",
"product": {
"name": "None.string_decoder-0.10.31",
"product_id": "None.string_decoder-0.10.31",
"product_identification_helper": {
"purl": "pkg:npm/string_decoder@0.10.31"
}
}
},
{
"category": "product_version",
"name": "None.is-typedarray-1.0.0",
"product": {
"name": "None.is-typedarray-1.0.0",
"product_id": "None.is-typedarray-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-typedarray@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.ansi-styles-3.2.1",
"product": {
"name": "None.ansi-styles-3.2.1",
"product_id": "None.ansi-styles-3.2.1",
"product_identification_helper": {
"purl": "pkg:npm/ansi-styles@3.2.1"
}
}
},
{
"category": "product_version",
"name": "None.strip-ansi-5.2.0",
"product": {
"name": "None.strip-ansi-5.2.0",
"product_id": "None.strip-ansi-5.2.0",
"product_identification_helper": {
"purl": "pkg:npm/strip-ansi@5.2.0"
}
}
},
{
"category": "product_version",
"name": "None.safe-buffer-5.1.2",
"product": {
"name": "None.safe-buffer-5.1.2",
"product_id": "None.safe-buffer-5.1.2",
"product_identification_helper": {
"purl": "pkg:npm/safe-buffer@5.1.2"
}
}
},
{
"category": "product_version",
"name": "None.imurmurhash-0.1.4",
"product": {
"name": "None.imurmurhash-0.1.4",
"product_id": "None.imurmurhash-0.1.4",
"product_identification_helper": {
"purl": "pkg:npm/imurmurhash@0.1.4"
}
}
},
{
"category": "product_version",
"name": "None.normalize-package-data-2.5.0",
"product": {
"name": "None.normalize-package-data-2.5.0",
"product_id": "None.normalize-package-data-2.5.0",
"product_identification_helper": {
"purl": "pkg:npm/normalize-package-data@2.5.0"
}
}
},
{
"category": "product_version",
"name": "None.emoji-regex-7.0.3",
"product": {
"name": "None.emoji-regex-7.0.3",
"product_id": "None.emoji-regex-7.0.3",
"product_identification_helper": {
"purl": "pkg:npm/emoji-regex@7.0.3"
}
}
},
{
"category": "product_version",
"name": "None.deep-is-0.1.3",
"product": {
"name": "None.deep-is-0.1.3",
"product_id": "None.deep-is-0.1.3",
"product_identification_helper": {
"purl": "pkg:npm/deep-is@0.1.3"
}
}
},
{
"category": "product_version",
"name": "None.pify-2.3.0",
"product": {
"name": "None.pify-2.3.0",
"product_id": "None.pify-2.3.0",
"product_identification_helper": {
"purl": "pkg:npm/pify@2.3.0"
}
}
},
{
"category": "product_version",
"name": "None.debug-3.2.6",
"product": {
"name": "None.debug-3.2.6",
"product_id": "None.debug-3.2.6",
"product_identification_helper": {
"purl": "pkg:npm/debug@3.2.6"
}
}
},
{
"category": "product_version",
"name": "None.spdx-exceptions-2.2.0",
"product": {
"name": "None.spdx-exceptions-2.2.0",
"product_id": "None.spdx-exceptions-2.2.0",
"product_identification_helper": {
"purl": "pkg:npm/spdx-exceptions@2.2.0"
}
}
},
{
"category": "product_version",
"name": "None.p-limit-1.3.0",
"product": {
"name": "None.p-limit-1.3.0",
"product_id": "None.p-limit-1.3.0",
"product_identification_helper": {
"purl": "pkg:npm/p-limit@1.3.0"
}
}
},
{
"category": "product_version",
"name": "None.combined-stream-1.0.8",
"product": {
"name": "None.combined-stream-1.0.8",
"product_id": "None.combined-stream-1.0.8",
"product_identification_helper": {
"purl": "pkg:npm/combined-stream@1.0.8"
}
}
},
{
"category": "product_version",
"name": "None.string-width-3.1.0",
"product": {
"name": "None.string-width-3.1.0",
"product_id": "None.string-width-3.1.0",
"product_identification_helper": {
"purl": "pkg:npm/string-width@3.1.0"
}
}
},
{
"category": "product_version",
"name": "None.extsprintf-1.3.0",
"product": {
"name": "None.extsprintf-1.3.0",
"product_id": "None.extsprintf-1.3.0",
"product_identification_helper": {
"purl": "pkg:npm/extsprintf@1.3.0"
}
}
},
{
"category": "product_version",
"name": "None.asn1-0.2.4",
"product": {
"name": "None.asn1-0.2.4",
"product_id": "None.asn1-0.2.4",
"product_identification_helper": {
"purl": "pkg:npm/asn1@0.2.4"
}
}
},
{
"category": "product_version",
"name": "None.exit-0.1.2",
"product": {
"name": "None.exit-0.1.2",
"product_id": "None.exit-0.1.2",
"product_identification_helper": {
"purl": "pkg:npm/exit@0.1.2"
}
}
},
{
"category": "product_version",
"name": "None.fs.realpath-1.0.0",
"product": {
"name": "None.fs.realpath-1.0.0",
"product_id": "None.fs.realpath-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/fs.realpath@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.domelementtype-1.3.1",
"product": {
"name": "None.domelementtype-1.3.1",
"product_id": "None.domelementtype-1.3.1",
"product_identification_helper": {
"purl": "pkg:npm/domelementtype@1.3.1"
}
}
},
{
"category": "product_version",
"name": "None.os-homedir-1.0.2",
"product": {
"name": "None.os-homedir-1.0.2",
"product_id": "None.os-homedir-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/os-homedir@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.isarray-0.0.1",
"product": {
"name": "None.isarray-0.0.1",
"product_id": "None.isarray-0.0.1",
"product_identification_helper": {
"purl": "pkg:npm/isarray@0.0.1"
}
}
},
{
"category": "product_version",
"name": "None.js-tokens-4.0.0",
"product": {
"name": "None.js-tokens-4.0.0",
"product_id": "None.js-tokens-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/js-tokens@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.minimatch-3.0.4",
"product": {
"name": "None.minimatch-3.0.4",
"product_id": "None.minimatch-3.0.4",
"product_identification_helper": {
"purl": "pkg:npm/minimatch@3.0.4"
}
}
},
{
"category": "product_version",
"name": "None.ignore-4.0.6",
"product": {
"name": "None.ignore-4.0.6",
"product_id": "None.ignore-4.0.6",
"product_identification_helper": {
"purl": "pkg:npm/ignore@4.0.6"
}
}
},
{
"category": "product_version",
"name": "None.mkdirp-0.5.1",
"product": {
"name": "None.mkdirp-0.5.1",
"product_id": "None.mkdirp-0.5.1",
"product_identification_helper": {
"purl": "pkg:npm/mkdirp@0.5.1"
}
}
},
{
"category": "product_version",
"name": "None.to-fast-properties-2.0.0",
"product": {
"name": "None.to-fast-properties-2.0.0",
"product_id": "None.to-fast-properties-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/to-fast-properties@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.globals-11.12.0",
"product": {
"name": "None.globals-11.12.0",
"product_id": "None.globals-11.12.0",
"product_identification_helper": {
"purl": "pkg:npm/globals@11.12.0"
}
}
},
{
"category": "product_version",
"name": "None.qs-6.5.2",
"product": {
"name": "None.qs-6.5.2",
"product_id": "None.qs-6.5.2",
"product_identification_helper": {
"purl": "pkg:npm/qs@6.5.2"
}
}
},
{
"category": "product_version",
"name": "None.path-type-3.0.0",
"product": {
"name": "None.path-type-3.0.0",
"product_id": "None.path-type-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/path-type@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.isexe-2.0.0",
"product": {
"name": "None.isexe-2.0.0",
"product_id": "None.isexe-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/isexe@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.pinkie-2.0.4",
"product": {
"name": "None.pinkie-2.0.4",
"product_id": "None.pinkie-2.0.4",
"product_identification_helper": {
"purl": "pkg:npm/pinkie@2.0.4"
}
}
},
{
"category": "product_version",
"name": "None.which-1.3.1",
"product": {
"name": "None.which-1.3.1",
"product_id": "None.which-1.3.1",
"product_identification_helper": {
"purl": "pkg:npm/which@1.3.1"
}
}
},
{
"category": "product_version",
"name": "None.punycode-1.4.1",
"product": {
"name": "None.punycode-1.4.1",
"product_id": "None.punycode-1.4.1",
"product_identification_helper": {
"purl": "pkg:npm/punycode@1.4.1"
}
}
},
{
"category": "product_version",
"name": "None.sshpk-1.16.1",
"product": {
"name": "None.sshpk-1.16.1",
"product_id": "None.sshpk-1.16.1",
"product_identification_helper": {
"purl": "pkg:npm/sshpk@1.16.1"
}
}
},
{
"category": "product_version",
"name": "None.sax-1.2.4",
"product": {
"name": "None.sax-1.2.4",
"product_id": "None.sax-1.2.4",
"product_identification_helper": {
"purl": "pkg:npm/sax@1.2.4"
}
}
},
{
"category": "product_version",
"name": "None.type-check-0.3.2",
"product": {
"name": "None.type-check-0.3.2",
"product_id": "None.type-check-0.3.2",
"product_identification_helper": {
"purl": "pkg:npm/type-check@0.3.2"
}
}
},
{
"category": "product_version",
"name": "None.string_decoder-1.1.1",
"product": {
"name": "None.string_decoder-1.1.1",
"product_id": "None.string_decoder-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/string_decoder@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.object-assign-4.1.1",
"product": {
"name": "None.object-assign-4.1.1",
"product_id": "None.object-assign-4.1.1",
"product_identification_helper": {
"purl": "pkg:npm/object-assign@4.1.1"
}
}
},
{
"category": "product_version",
"name": "None.jsbn-0.1.1",
"product": {
"name": "None.jsbn-0.1.1",
"product_id": "None.jsbn-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/jsbn@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.http-signature-1.2.0",
"product": {
"name": "None.http-signature-1.2.0",
"product_id": "None.http-signature-1.2.0",
"product_identification_helper": {
"purl": "pkg:npm/http-signature@1.2.0"
}
}
},
{
"category": "product_version",
"name": "None.chalk-2.4.2",
"product": {
"name": "None.chalk-2.4.2",
"product_id": "None.chalk-2.4.2",
"product_identification_helper": {
"purl": "pkg:npm/chalk@2.4.2"
}
}
},
{
"category": "product_version",
"name": "None.har-schema-2.0.0",
"product": {
"name": "None.har-schema-2.0.0",
"product_id": "None.har-schema-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/har-schema@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.array-uniq-1.0.3",
"product": {
"name": "None.array-uniq-1.0.3",
"product_id": "None.array-uniq-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/array-uniq@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.ms-2.0.0",
"product": {
"name": "None.ms-2.0.0",
"product_id": "None.ms-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/ms@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.strip-ansi-3.0.1",
"product": {
"name": "None.strip-ansi-3.0.1",
"product_id": "None.strip-ansi-3.0.1",
"product_identification_helper": {
"purl": "pkg:npm/strip-ansi@3.0.1"
}
}
},
{
"category": "product_version",
"name": "None.decamelize-1.2.0",
"product": {
"name": "None.decamelize-1.2.0",
"product_id": "None.decamelize-1.2.0",
"product_identification_helper": {
"purl": "pkg:npm/decamelize@1.2.0"
}
}
},
{
"category": "product_version",
"name": "None.validate-npm-package-license-3.0.4",
"product": {
"name": "None.validate-npm-package-license-3.0.4",
"product_id": "None.validate-npm-package-license-3.0.4",
"product_identification_helper": {
"purl": "pkg:npm/validate-npm-package-license@3.0.4"
}
}
},
{
"category": "product_version",
"name": "None.array-union-1.0.2",
"product": {
"name": "None.array-union-1.0.2",
"product_id": "None.array-union-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/array-union@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.wordwrap-0.0.3",
"product": {
"name": "None.wordwrap-0.0.3",
"product_id": "None.wordwrap-0.0.3",
"product_identification_helper": {
"purl": "pkg:npm/wordwrap@0.0.3"
}
}
},
{
"category": "product_version",
"name": "None.set-blocking-2.0.0",
"product": {
"name": "None.set-blocking-2.0.0",
"product_id": "None.set-blocking-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/set-blocking@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.process-nextick-args-2.0.1",
"product": {
"name": "None.process-nextick-args-2.0.1",
"product_id": "None.process-nextick-args-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/process-nextick-args@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.number-is-nan-1.0.1",
"product": {
"name": "None.number-is-nan-1.0.1",
"product_id": "None.number-is-nan-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/number-is-nan@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.glob-7.1.4",
"product": {
"name": "None.glob-7.1.4",
"product_id": "None.glob-7.1.4",
"product_identification_helper": {
"purl": "pkg:npm/glob@7.1.4"
}
}
},
{
"category": "product_version",
"name": "None.readable-stream-2.3.6",
"product": {
"name": "None.readable-stream-2.3.6",
"product_id": "None.readable-stream-2.3.6",
"product_identification_helper": {
"purl": "pkg:npm/readable-stream@2.3.6"
}
}
},
{
"category": "product_version",
"name": "None.mime-types-2.1.24",
"product": {
"name": "None.mime-types-2.1.24",
"product_id": "None.mime-types-2.1.24",
"product_identification_helper": {
"purl": "pkg:npm/mime-types@2.1.24"
}
}
},
{
"category": "product_version",
"name": "@babel.helper-get-function-arity-7.0.0",
"product": {
"name": "@babel.helper-get-function-arity-7.0.0",
"product_id": "@babel.helper-get-function-arity-7.0.0",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/helper-get-function-arity@7.0.0"
}
}
},
{
"category": "product_version",
"name": "@babel.helper-function-name-7.1.0",
"product": {
"name": "@babel.helper-function-name-7.1.0",
"product_id": "@babel.helper-function-name-7.1.0",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/helper-function-name@7.1.0"
}
}
},
{
"category": "product_version",
"name": "@types.glob-7.1.1",
"product": {
"name": "@types.glob-7.1.1",
"product_id": "@types.glob-7.1.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/glob@7.1.1"
}
}
},
{
"category": "product_version",
"name": "@types.minimatch-3.0.3",
"product": {
"name": "@types.minimatch-3.0.3",
"product_id": "@types.minimatch-3.0.3",
"product_identification_helper": {
"purl": "pkg:npm/%40types/minimatch@3.0.3"
}
}
},
{
"category": "product_version",
"name": "@babel.helper-split-export-declaration-7.4.4",
"product": {
"name": "@babel.helper-split-export-declaration-7.4.4",
"product_id": "@babel.helper-split-export-declaration-7.4.4",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/helper-split-export-declaration@7.4.4"
}
}
},
{
"category": "product_version",
"name": "@types.events-3.0.0",
"product": {
"name": "@types.events-3.0.0",
"product_id": "@types.events-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/%40types/events@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.esprima-3.1.3",
"product": {
"name": "None.esprima-3.1.3",
"product_id": "None.esprima-3.1.3",
"product_identification_helper": {
"purl": "pkg:npm/esprima@3.1.3"
}
}
},
{
"category": "product_version",
"name": "None.to-regex-3.0.2",
"product": {
"name": "None.to-regex-3.0.2",
"product_id": "None.to-regex-3.0.2",
"product_identification_helper": {
"purl": "pkg:npm/to-regex@3.0.2"
}
}
},
{
"category": "product_version",
"name": "None.osenv-0.1.5",
"product": {
"name": "None.osenv-0.1.5",
"product_id": "None.osenv-0.1.5",
"product_identification_helper": {
"purl": "pkg:npm/osenv@0.1.5"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-slider-9.10.0",
"product": {
"name": "None.bootstrap-slider-9.10.0",
"product_id": "None.bootstrap-slider-9.10.0",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-slider@9.10.0"
}
}
},
{
"category": "product_version",
"name": "None.is-plain-object-2.0.4",
"product": {
"name": "None.is-plain-object-2.0.4",
"product_id": "None.is-plain-object-2.0.4",
"product_identification_helper": {
"purl": "pkg:npm/is-plain-object@2.0.4"
}
}
},
{
"category": "product_version",
"name": "None.glob-parent-3.1.0",
"product": {
"name": "None.glob-parent-3.1.0",
"product_id": "None.glob-parent-3.1.0",
"product_identification_helper": {
"purl": "pkg:npm/glob-parent@3.1.0"
}
}
},
{
"category": "product_version",
"name": "@babel.highlight-7.0.0",
"product": {
"name": "@babel.highlight-7.0.0",
"product_id": "@babel.highlight-7.0.0",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/highlight@7.0.0"
}
}
},
{
"category": "product_version",
"name": "None.arr-diff-4.0.0",
"product": {
"name": "None.arr-diff-4.0.0",
"product_id": "None.arr-diff-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/arr-diff@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.dot-prop-4.2.0",
"product": {
"name": "None.dot-prop-4.2.0",
"product_id": "None.dot-prop-4.2.0",
"product_identification_helper": {
"purl": "pkg:npm/dot-prop@4.2.0"
}
}
},
{
"category": "product_version",
"name": "None.snapdragon-0.8.2",
"product": {
"name": "None.snapdragon-0.8.2",
"product_id": "None.snapdragon-0.8.2",
"product_identification_helper": {
"purl": "pkg:npm/snapdragon@0.8.2"
}
}
},
{
"category": "product_version",
"name": "None.font-awesome-sass-4.7.0",
"product": {
"name": "None.font-awesome-sass-4.7.0",
"product_id": "None.font-awesome-sass-4.7.0",
"product_identification_helper": {
"purl": "pkg:npm/font-awesome-sass@4.7.0"
}
}
},
{
"category": "product_version",
"name": "None.split-string-3.1.0",
"product": {
"name": "None.split-string-3.1.0",
"product_id": "None.split-string-3.1.0",
"product_identification_helper": {
"purl": "pkg:npm/split-string@3.1.0"
}
}
},
{
"category": "product_version",
"name": "None.is-extendable-1.0.1",
"product": {
"name": "None.is-extendable-1.0.1",
"product_id": "None.is-extendable-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/is-extendable@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.http-parser-js-0.4.10",
"product": {
"name": "None.http-parser-js-0.4.10",
"product_id": "None.http-parser-js-0.4.10",
"product_identification_helper": {
"purl": "pkg:npm/http-parser-js@0.4.10"
}
}
},
{
"category": "product_version",
"name": "None.collection-visit-1.0.0",
"product": {
"name": "None.collection-visit-1.0.0",
"product_id": "None.collection-visit-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/collection-visit@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.clean-css-4.2.1",
"product": {
"name": "None.clean-css-4.2.1",
"product_id": "None.clean-css-4.2.1",
"product_identification_helper": {
"purl": "pkg:npm/clean-css@4.2.1"
}
}
},
{
"category": "product_version",
"name": "@nodelib.fs.stat-1.1.3",
"product": {
"name": "@nodelib.fs.stat-1.1.3",
"product_id": "@nodelib.fs.stat-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/%40nodelib/fs.stat@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.merge2-1.2.3",
"product": {
"name": "None.merge2-1.2.3",
"product_id": "None.merge2-1.2.3",
"product_identification_helper": {
"purl": "pkg:npm/merge2@1.2.3"
}
}
},
{
"category": "product_version",
"name": "None.is-descriptor-1.0.2",
"product": {
"name": "None.is-descriptor-1.0.2",
"product_id": "None.is-descriptor-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/is-descriptor@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.is-buffer-1.1.6",
"product": {
"name": "None.is-buffer-1.1.6",
"product_id": "None.is-buffer-1.1.6",
"product_identification_helper": {
"purl": "pkg:npm/is-buffer@1.1.6"
}
}
},
{
"category": "product_version",
"name": "None.unset-value-1.0.0",
"product": {
"name": "None.unset-value-1.0.0",
"product_id": "None.unset-value-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/unset-value@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.pascalcase-0.1.1",
"product": {
"name": "None.pascalcase-0.1.1",
"product_id": "None.pascalcase-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/pascalcase@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.babel-generator-6.26.1",
"product": {
"name": "None.babel-generator-6.26.1",
"product_id": "None.babel-generator-6.26.1",
"product_identification_helper": {
"purl": "pkg:npm/babel-generator@6.26.1"
}
}
},
{
"category": "product_version",
"name": "None.has-value-0.3.1",
"product": {
"name": "None.has-value-0.3.1",
"product_id": "None.has-value-0.3.1",
"product_identification_helper": {
"purl": "pkg:npm/has-value@0.3.1"
}
}
},
{
"category": "product_version",
"name": "None.is-glob-4.0.1",
"product": {
"name": "None.is-glob-4.0.1",
"product_id": "None.is-glob-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/is-glob@4.0.1"
}
}
},
{
"category": "product_version",
"name": "None.object-visit-1.0.1",
"product": {
"name": "None.object-visit-1.0.1",
"product_id": "None.object-visit-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/object-visit@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.define-property-2.0.2",
"product": {
"name": "None.define-property-2.0.2",
"product_id": "None.define-property-2.0.2",
"product_identification_helper": {
"purl": "pkg:npm/define-property@2.0.2"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-colreorder-bs-1.3.3",
"product": {
"name": "None.datatables.net-colreorder-bs-1.3.3",
"product_id": "None.datatables.net-colreorder-bs-1.3.3",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net-colreorder-bs@1.3.3"
}
}
},
{
"category": "product_version",
"name": "None.source-map-url-0.4.0",
"product": {
"name": "None.source-map-url-0.4.0",
"product_id": "None.source-map-url-0.4.0",
"product_identification_helper": {
"purl": "pkg:npm/source-map-url@0.4.0"
}
}
},
{
"category": "product_version",
"name": "None.repeat-element-1.1.3",
"product": {
"name": "None.repeat-element-1.1.3",
"product_id": "None.repeat-element-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/repeat-element@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.asap-2.0.6",
"product": {
"name": "None.asap-2.0.6",
"product_id": "None.asap-2.0.6",
"product_identification_helper": {
"purl": "pkg:npm/asap@2.0.6"
}
}
},
{
"category": "product_version",
"name": "None.resolve-1.1.7",
"product": {
"name": "None.resolve-1.1.7",
"product_id": "None.resolve-1.1.7",
"product_identification_helper": {
"purl": "pkg:npm/resolve@1.1.7"
}
}
},
{
"category": "product_version",
"name": "None.css-what-2.1.3",
"product": {
"name": "None.css-what-2.1.3",
"product_id": "None.css-what-2.1.3",
"product_identification_helper": {
"purl": "pkg:npm/css-what@2.1.3"
}
}
},
{
"category": "product_version",
"name": "None.faye-websocket-0.10.0",
"product": {
"name": "None.faye-websocket-0.10.0",
"product_id": "None.faye-websocket-0.10.0",
"product_identification_helper": {
"purl": "pkg:npm/faye-websocket@0.10.0"
}
}
},
{
"category": "product_version",
"name": "None.websocket-driver-0.7.3",
"product": {
"name": "None.websocket-driver-0.7.3",
"product_id": "None.websocket-driver-0.7.3",
"product_identification_helper": {
"purl": "pkg:npm/websocket-driver@0.7.3"
}
}
},
{
"category": "product_version",
"name": "None.kind-of-6.0.2",
"product": {
"name": "None.kind-of-6.0.2",
"product_id": "None.kind-of-6.0.2",
"product_identification_helper": {
"purl": "pkg:npm/kind-of@6.0.2"
}
}
},
{
"category": "product_version",
"name": "None.write-1.0.3",
"product": {
"name": "None.write-1.0.3",
"product_id": "None.write-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/write@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.global-modules-2.0.0",
"product": {
"name": "None.global-modules-2.0.0",
"product_id": "None.global-modules-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/global-modules@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.lodash-4.17.11",
"product": {
"name": "None.lodash-4.17.11",
"product_id": "None.lodash-4.17.11",
"product_identification_helper": {
"purl": "pkg:npm/lodash@4.17.11"
}
}
},
{
"category": "product_version",
"name": "None.css-select-1.2.0",
"product": {
"name": "None.css-select-1.2.0",
"product_id": "None.css-select-1.2.0",
"product_identification_helper": {
"purl": "pkg:npm/css-select@1.2.0"
}
}
},
{
"category": "product_version",
"name": "None.prr-1.0.1",
"product": {
"name": "None.prr-1.0.1",
"product_id": "None.prr-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/prr@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.invariant-2.2.4",
"product": {
"name": "None.invariant-2.2.4",
"product_id": "None.invariant-2.2.4",
"product_identification_helper": {
"purl": "pkg:npm/invariant@2.2.4"
}
}
},
{
"category": "product_version",
"name": "None.decode-uri-component-0.2.0",
"product": {
"name": "None.decode-uri-component-0.2.0",
"product_id": "None.decode-uri-component-0.2.0",
"product_identification_helper": {
"purl": "pkg:npm/decode-uri-component@0.2.0"
}
}
},
{
"category": "product_version",
"name": "None.tough-cookie-2.5.0",
"product": {
"name": "None.tough-cookie-2.5.0",
"product_id": "None.tough-cookie-2.5.0",
"product_identification_helper": {
"purl": "pkg:npm/tough-cookie@2.5.0"
}
}
},
{
"category": "product_version",
"name": "None.is-data-descriptor-1.0.0",
"product": {
"name": "None.is-data-descriptor-1.0.0",
"product_id": "None.is-data-descriptor-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-data-descriptor@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.babel-traverse-6.26.0",
"product": {
"name": "None.babel-traverse-6.26.0",
"product_id": "None.babel-traverse-6.26.0",
"product_identification_helper": {
"purl": "pkg:npm/babel-traverse@6.26.0"
}
}
},
{
"category": "product_version",
"name": "None.postcss-value-parser-3.3.1",
"product": {
"name": "None.postcss-value-parser-3.3.1",
"product_id": "None.postcss-value-parser-3.3.1",
"product_identification_helper": {
"purl": "pkg:npm/postcss-value-parser@3.3.1"
}
}
},
{
"category": "product_version",
"name": "None.errno-0.1.7",
"product": {
"name": "None.errno-0.1.7",
"product_id": "None.errno-0.1.7",
"product_identification_helper": {
"purl": "pkg:npm/errno@0.1.7"
}
}
},
{
"category": "product_version",
"name": "None.indent-string-3.2.0",
"product": {
"name": "None.indent-string-3.2.0",
"product_id": "None.indent-string-3.2.0",
"product_identification_helper": {
"purl": "pkg:npm/indent-string@3.2.0"
}
}
},
{
"category": "product_version",
"name": "None.google-code-prettify-1.0.5",
"product": {
"name": "None.google-code-prettify-1.0.5",
"product_id": "None.google-code-prettify-1.0.5",
"product_identification_helper": {
"purl": "pkg:npm/google-code-prettify@1.0.5"
}
}
},
{
"category": "product_version",
"name": "None.map-visit-1.0.0",
"product": {
"name": "None.map-visit-1.0.0",
"product_id": "None.map-visit-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/map-visit@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.hosted-git-info-2.7.1",
"product": {
"name": "None.hosted-git-info-2.7.1",
"product_id": "None.hosted-git-info-2.7.1",
"product_identification_helper": {
"purl": "pkg:npm/hosted-git-info@2.7.1"
}
}
},
{
"category": "product_version",
"name": "None.is-plain-obj-1.1.0",
"product": {
"name": "None.is-plain-obj-1.1.0",
"product_id": "None.is-plain-obj-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/is-plain-obj@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.get-value-2.0.6",
"product": {
"name": "None.get-value-2.0.6",
"product_id": "None.get-value-2.0.6",
"product_identification_helper": {
"purl": "pkg:npm/get-value@2.0.6"
}
}
},
{
"category": "product_version",
"name": "None.posix-character-classes-0.1.1",
"product": {
"name": "None.posix-character-classes-0.1.1",
"product_id": "None.posix-character-classes-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/posix-character-classes@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.to-regex-range-2.1.1",
"product": {
"name": "None.to-regex-range-2.1.1",
"product_id": "None.to-regex-range-2.1.1",
"product_identification_helper": {
"purl": "pkg:npm/to-regex-range@2.1.1"
}
}
},
{
"category": "product_version",
"name": "None.map-cache-0.2.2",
"product": {
"name": "None.map-cache-0.2.2",
"product_id": "None.map-cache-0.2.2",
"product_identification_helper": {
"purl": "pkg:npm/map-cache@0.2.2"
}
}
},
{
"category": "product_version",
"name": "None.json5-2.1.0",
"product": {
"name": "None.json5-2.1.0",
"product_id": "None.json5-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/json5@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.slice-ansi-2.1.0",
"product": {
"name": "None.slice-ansi-2.1.0",
"product_id": "None.slice-ansi-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/slice-ansi@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.regex-not-1.0.2",
"product": {
"name": "None.regex-not-1.0.2",
"product_id": "None.regex-not-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/regex-not@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.extend-shallow-2.0.1",
"product": {
"name": "None.extend-shallow-2.0.1",
"product_id": "None.extend-shallow-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/extend-shallow@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.safe-regex-1.1.0",
"product": {
"name": "None.safe-regex-1.1.0",
"product_id": "None.safe-regex-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/safe-regex@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.detect-indent-4.0.0",
"product": {
"name": "None.detect-indent-4.0.0",
"product_id": "None.detect-indent-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/detect-indent@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.graceful-fs-4.1.15",
"product": {
"name": "None.graceful-fs-4.1.15",
"product_id": "None.graceful-fs-4.1.15",
"product_identification_helper": {
"purl": "pkg:npm/graceful-fs@4.1.15"
}
}
},
{
"category": "product_version",
"name": "None.snapdragon-util-3.0.1",
"product": {
"name": "None.snapdragon-util-3.0.1",
"product_id": "None.snapdragon-util-3.0.1",
"product_identification_helper": {
"purl": "pkg:npm/snapdragon-util@3.0.1"
}
}
},
{
"category": "product_version",
"name": "None.snapdragon-node-2.1.1",
"product": {
"name": "None.snapdragon-node-2.1.1",
"product_id": "None.snapdragon-node-2.1.1",
"product_identification_helper": {
"purl": "pkg:npm/snapdragon-node@2.1.1"
}
}
},
{
"category": "product_version",
"name": "None.caller-callsite-2.0.0",
"product": {
"name": "None.caller-callsite-2.0.0",
"product_id": "None.caller-callsite-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/caller-callsite@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.yallist-3.0.3",
"product": {
"name": "None.yallist-3.0.3",
"product_id": "None.yallist-3.0.3",
"product_identification_helper": {
"purl": "pkg:npm/yallist@3.0.3"
}
}
},
{
"category": "product_version",
"name": "None.globals-9.18.0",
"product": {
"name": "None.globals-9.18.0",
"product_id": "None.globals-9.18.0",
"product_identification_helper": {
"purl": "pkg:npm/globals@9.18.0"
}
}
},
{
"category": "product_version",
"name": "None.string-width-1.0.2",
"product": {
"name": "None.string-width-1.0.2",
"product_id": "None.string-width-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/string-width@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.global-prefix-3.0.0",
"product": {
"name": "None.global-prefix-3.0.0",
"product_id": "None.global-prefix-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/global-prefix@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.spdx-license-ids-3.0.4",
"product": {
"name": "None.spdx-license-ids-3.0.4",
"product_id": "None.spdx-license-ids-3.0.4",
"product_identification_helper": {
"purl": "pkg:npm/spdx-license-ids@3.0.4"
}
}
},
{
"category": "product_version",
"name": "None.file-entry-cache-5.0.1",
"product": {
"name": "None.file-entry-cache-5.0.1",
"product_id": "None.file-entry-cache-5.0.1",
"product_identification_helper": {
"purl": "pkg:npm/file-entry-cache@5.0.1"
}
}
},
{
"category": "product_version",
"name": "None.extend-shallow-3.0.2",
"product": {
"name": "None.extend-shallow-3.0.2",
"product_id": "None.extend-shallow-3.0.2",
"product_identification_helper": {
"purl": "pkg:npm/extend-shallow@3.0.2"
}
}
},
{
"category": "product_version",
"name": "None.component-emitter-1.3.0",
"product": {
"name": "None.component-emitter-1.3.0",
"product_id": "None.component-emitter-1.3.0",
"product_identification_helper": {
"purl": "pkg:npm/component-emitter@1.3.0"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-switch-3.3.4",
"product": {
"name": "None.bootstrap-switch-3.3.4",
"product_id": "None.bootstrap-switch-3.3.4",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-switch@3.3.4"
}
}
},
{
"category": "product_version",
"name": "None.class-utils-0.3.6",
"product": {
"name": "None.class-utils-0.3.6",
"product_id": "None.class-utils-0.3.6",
"product_identification_helper": {
"purl": "pkg:npm/class-utils@0.3.6"
}
}
},
{
"category": "product_version",
"name": "None.has-values-1.0.0",
"product": {
"name": "None.has-values-1.0.0",
"product_id": "None.has-values-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/has-values@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.postcss-selector-parser-3.1.1",
"product": {
"name": "None.postcss-selector-parser-3.1.1",
"product_id": "None.postcss-selector-parser-3.1.1",
"product_identification_helper": {
"purl": "pkg:npm/postcss-selector-parser@3.1.1"
}
}
},
{
"category": "product_version",
"name": "None.is-extglob-2.1.1",
"product": {
"name": "None.is-extglob-2.1.1",
"product_id": "None.is-extglob-2.1.1",
"product_identification_helper": {
"purl": "pkg:npm/is-extglob@2.1.1"
}
}
},
{
"category": "product_version",
"name": "None.flat-cache-2.0.1",
"product": {
"name": "None.flat-cache-2.0.1",
"product_id": "None.flat-cache-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/flat-cache@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.fill-range-4.0.0",
"product": {
"name": "None.fill-range-4.0.0",
"product_id": "None.fill-range-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/fill-range@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.repeating-2.0.1",
"product": {
"name": "None.repeating-2.0.1",
"product_id": "None.repeating-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/repeating@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.async-1.5.2",
"product": {
"name": "None.async-1.5.2",
"product_id": "None.async-1.5.2",
"product_identification_helper": {
"purl": "pkg:npm/async@1.5.2"
}
}
},
{
"category": "product_version",
"name": "None.has-values-0.1.4",
"product": {
"name": "None.has-values-0.1.4",
"product_id": "None.has-values-0.1.4",
"product_identification_helper": {
"purl": "pkg:npm/has-values@0.1.4"
}
}
},
{
"category": "product_version",
"name": "None.isobject-2.1.0",
"product": {
"name": "None.isobject-2.1.0",
"product_id": "None.isobject-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/isobject@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.is-directory-0.3.1",
"product": {
"name": "None.is-directory-0.3.1",
"product_id": "None.is-directory-0.3.1",
"product_identification_helper": {
"purl": "pkg:npm/is-directory@0.3.1"
}
}
},
{
"category": "product_version",
"name": "None.xtend-4.0.1",
"product": {
"name": "None.xtend-4.0.1",
"product_id": "None.xtend-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/xtend@4.0.1"
}
}
},
{
"category": "product_version",
"name": "None.is-fullwidth-code-point-1.0.0",
"product": {
"name": "None.is-fullwidth-code-point-1.0.0",
"product_id": "None.is-fullwidth-code-point-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-fullwidth-code-point@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.nopt-4.0.1",
"product": {
"name": "None.nopt-4.0.1",
"product_id": "None.nopt-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/nopt@4.0.1"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-3.3.7",
"product": {
"name": "None.bootstrap-3.3.7",
"product_id": "None.bootstrap-3.3.7",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap@3.3.7"
}
}
},
{
"category": "product_version",
"name": "None.extglob-2.0.4",
"product": {
"name": "None.extglob-2.0.4",
"product_id": "None.extglob-2.0.4",
"product_identification_helper": {
"purl": "pkg:npm/extglob@2.0.4"
}
}
},
{
"category": "product_version",
"name": "None.array-find-index-1.0.2",
"product": {
"name": "None.array-find-index-1.0.2",
"product_id": "None.array-find-index-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/array-find-index@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.assign-symbols-1.0.0",
"product": {
"name": "None.assign-symbols-1.0.0",
"product_id": "None.assign-symbols-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/assign-symbols@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.is-extendable-0.1.1",
"product": {
"name": "None.is-extendable-0.1.1",
"product_id": "None.is-extendable-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/is-extendable@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.ini-1.3.5",
"product": {
"name": "None.ini-1.3.5",
"product_id": "None.ini-1.3.5",
"product_identification_helper": {
"purl": "pkg:npm/ini@1.3.5"
}
}
},
{
"category": "product_version",
"name": "None.micromatch-3.1.10",
"product": {
"name": "None.micromatch-3.1.10",
"product_id": "None.micromatch-3.1.10",
"product_identification_helper": {
"purl": "pkg:npm/micromatch@3.1.10"
}
}
},
{
"category": "product_version",
"name": "None.semver-5.7.0",
"product": {
"name": "None.semver-5.7.0",
"product_id": "None.semver-5.7.0",
"product_identification_helper": {
"purl": "pkg:npm/semver@5.7.0"
}
}
},
{
"category": "product_version",
"name": "None.is-accessor-descriptor-1.0.0",
"product": {
"name": "None.is-accessor-descriptor-1.0.0",
"product_id": "None.is-accessor-descriptor-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-accessor-descriptor@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.eonasdan-bootstrap-datetimepicker-4.17.47",
"product": {
"name": "None.eonasdan-bootstrap-datetimepicker-4.17.47",
"product_id": "None.eonasdan-bootstrap-datetimepicker-4.17.47",
"product_identification_helper": {
"purl": "pkg:npm/eonasdan-bootstrap-datetimepicker@4.17.47"
}
}
},
{
"category": "product_version",
"name": "None.urix-0.1.0",
"product": {
"name": "None.urix-0.1.0",
"product_id": "None.urix-0.1.0",
"product_identification_helper": {
"purl": "pkg:npm/urix@0.1.0"
}
}
},
{
"category": "product_version",
"name": "None.chownr-1.1.1",
"product": {
"name": "None.chownr-1.1.1",
"product_id": "None.chownr-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/chownr@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-touchspin-3.1.1",
"product": {
"name": "None.bootstrap-touchspin-3.1.1",
"product_id": "None.bootstrap-touchspin-3.1.1",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-touchspin@3.1.1"
}
}
},
{
"category": "product_version",
"name": "None.babel-types-6.26.0",
"product": {
"name": "None.babel-types-6.26.0",
"product_id": "None.babel-types-6.26.0",
"product_identification_helper": {
"purl": "pkg:npm/babel-types@6.26.0"
}
}
},
{
"category": "product_version",
"name": "@babel.code-frame-7.0.0",
"product": {
"name": "@babel.code-frame-7.0.0",
"product_id": "@babel.code-frame-7.0.0",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/code-frame@7.0.0"
}
}
},
{
"category": "product_version",
"name": "None.patternfly-bootstrap-combobox-1.1.7",
"product": {
"name": "None.patternfly-bootstrap-combobox-1.1.7",
"product_id": "None.patternfly-bootstrap-combobox-1.1.7",
"product_identification_helper": {
"purl": "pkg:npm/patternfly-bootstrap-combobox@1.1.7"
}
}
},
{
"category": "product_version",
"name": "None.to-object-path-0.3.0",
"product": {
"name": "None.to-object-path-0.3.0",
"product_id": "None.to-object-path-0.3.0",
"product_identification_helper": {
"purl": "pkg:npm/to-object-path@0.3.0"
}
}
},
{
"category": "product_version",
"name": "None.cssom-0.3.6",
"product": {
"name": "None.cssom-0.3.6",
"product_id": "None.cssom-0.3.6",
"product_identification_helper": {
"purl": "pkg:npm/cssom@0.3.6"
}
}
},
{
"category": "product_version",
"name": "None.repeat-string-1.6.1",
"product": {
"name": "None.repeat-string-1.6.1",
"product_id": "None.repeat-string-1.6.1",
"product_identification_helper": {
"purl": "pkg:npm/repeat-string@1.6.1"
}
}
},
{
"category": "product_version",
"name": "None.homedir-polyfill-1.0.3",
"product": {
"name": "None.homedir-polyfill-1.0.3",
"product_id": "None.homedir-polyfill-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/homedir-polyfill@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.arrify-1.0.1",
"product": {
"name": "None.arrify-1.0.1",
"product_id": "None.arrify-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/arrify@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.base-0.11.2",
"product": {
"name": "None.base-0.11.2",
"product_id": "None.base-0.11.2",
"product_identification_helper": {
"purl": "pkg:npm/base@0.11.2"
}
}
},
{
"category": "product_version",
"name": "None.arr-flatten-1.1.0",
"product": {
"name": "None.arr-flatten-1.1.0",
"product_id": "None.arr-flatten-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/arr-flatten@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.drmonty-datatables-colvis-1.1.2",
"product": {
"name": "None.drmonty-datatables-colvis-1.1.2",
"product_id": "None.drmonty-datatables-colvis-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/drmonty-datatables-colvis@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.jsonfile-4.0.0",
"product": {
"name": "None.jsonfile-4.0.0",
"product_id": "None.jsonfile-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/jsonfile@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.parse5-3.0.3",
"product": {
"name": "None.parse5-3.0.3",
"product_id": "None.parse5-3.0.3",
"product_identification_helper": {
"purl": "pkg:npm/parse5@3.0.3"
}
}
},
{
"category": "product_version",
"name": "None.is-obj-1.0.1",
"product": {
"name": "None.is-obj-1.0.1",
"product_id": "None.is-obj-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/is-obj@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.dom-serializer-0.1.1",
"product": {
"name": "None.dom-serializer-0.1.1",
"product_id": "None.dom-serializer-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/dom-serializer@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.callsites-2.0.0",
"product": {
"name": "None.callsites-2.0.0",
"product_id": "None.callsites-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/callsites@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.kind-of-3.2.2",
"product": {
"name": "None.kind-of-3.2.2",
"product_id": "None.kind-of-3.2.2",
"product_identification_helper": {
"purl": "pkg:npm/kind-of@3.2.2"
}
}
},
{
"category": "product_version",
"name": "None.object.pick-1.3.0",
"product": {
"name": "None.object.pick-1.3.0",
"product_id": "None.object.pick-1.3.0",
"product_identification_helper": {
"purl": "pkg:npm/object.pick@1.3.0"
}
}
},
{
"category": "product_version",
"name": "None.babel-messages-6.23.0",
"product": {
"name": "None.babel-messages-6.23.0",
"product_id": "None.babel-messages-6.23.0",
"product_identification_helper": {
"purl": "pkg:npm/babel-messages@6.23.0"
}
}
},
{
"category": "product_version",
"name": "None.postcss-6.0.23",
"product": {
"name": "None.postcss-6.0.23",
"product_id": "None.postcss-6.0.23",
"product_identification_helper": {
"purl": "pkg:npm/postcss@6.0.23"
}
}
},
{
"category": "product_version",
"name": "None.object-copy-0.1.0",
"product": {
"name": "None.object-copy-0.1.0",
"product_id": "None.object-copy-0.1.0",
"product_identification_helper": {
"purl": "pkg:npm/object-copy@0.1.0"
}
}
},
{
"category": "product_version",
"name": "None.source-map-resolve-0.5.2",
"product": {
"name": "None.source-map-resolve-0.5.2",
"product_id": "None.source-map-resolve-0.5.2",
"product_identification_helper": {
"purl": "pkg:npm/source-map-resolve@0.5.2"
}
}
},
{
"category": "product_version",
"name": "None.universalify-0.1.2",
"product": {
"name": "None.universalify-0.1.2",
"product_id": "None.universalify-0.1.2",
"product_identification_helper": {
"purl": "pkg:npm/universalify@0.1.2"
}
}
},
{
"category": "product_version",
"name": "None.resolve-url-0.2.1",
"product": {
"name": "None.resolve-url-0.2.1",
"product_id": "None.resolve-url-0.2.1",
"product_identification_helper": {
"purl": "pkg:npm/resolve-url@0.2.1"
}
}
},
{
"category": "product_version",
"name": "None.estraverse-4.2.0",
"product": {
"name": "None.estraverse-4.2.0",
"product_id": "None.estraverse-4.2.0",
"product_identification_helper": {
"purl": "pkg:npm/estraverse@4.2.0"
}
}
},
{
"category": "product_version",
"name": "None.font-awesome-4.7.0",
"product": {
"name": "None.font-awesome-4.7.0",
"product_id": "None.font-awesome-4.7.0",
"product_identification_helper": {
"purl": "pkg:npm/font-awesome@4.7.0"
}
}
},
{
"category": "product_version",
"name": "None.nanomatch-1.2.13",
"product": {
"name": "None.nanomatch-1.2.13",
"product_id": "None.nanomatch-1.2.13",
"product_identification_helper": {
"purl": "pkg:npm/nanomatch@1.2.13"
}
}
},
{
"category": "product_version",
"name": "None.fragment-cache-0.2.1",
"product": {
"name": "None.fragment-cache-0.2.1",
"product_id": "None.fragment-cache-0.2.1",
"product_identification_helper": {
"purl": "pkg:npm/fragment-cache@0.2.1"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-1.10.16",
"product": {
"name": "None.datatables.net-1.10.16",
"product_id": "None.datatables.net-1.10.16",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net@1.10.16"
}
}
},
{
"category": "product_version",
"name": "None.resolve-from-3.0.0",
"product": {
"name": "None.resolve-from-3.0.0",
"product_id": "None.resolve-from-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/resolve-from@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.esutils-2.0.2",
"product": {
"name": "None.esutils-2.0.2",
"product_id": "None.esutils-2.0.2",
"product_identification_helper": {
"purl": "pkg:npm/esutils@2.0.2"
}
}
},
{
"category": "product_version",
"name": "None.is-accessor-descriptor-0.1.6",
"product": {
"name": "None.is-accessor-descriptor-0.1.6",
"product_id": "None.is-accessor-descriptor-0.1.6",
"product_identification_helper": {
"purl": "pkg:npm/is-accessor-descriptor@0.1.6"
}
}
},
{
"category": "product_version",
"name": "None.expand-brackets-2.1.4",
"product": {
"name": "None.expand-brackets-2.1.4",
"product_id": "None.expand-brackets-2.1.4",
"product_identification_helper": {
"purl": "pkg:npm/expand-brackets@2.1.4"
}
}
},
{
"category": "product_version",
"name": "None.ret-0.1.15",
"product": {
"name": "None.ret-0.1.15",
"product_id": "None.ret-0.1.15",
"product_identification_helper": {
"purl": "pkg:npm/ret@0.1.15"
}
}
},
{
"category": "product_version",
"name": "None.babel-runtime-6.26.0",
"product": {
"name": "None.babel-runtime-6.26.0",
"product_id": "None.babel-runtime-6.26.0",
"product_identification_helper": {
"purl": "pkg:npm/babel-runtime@6.26.0"
}
}
},
{
"category": "product_version",
"name": "None.promise-7.3.1",
"product": {
"name": "None.promise-7.3.1",
"product_id": "None.promise-7.3.1",
"product_identification_helper": {
"purl": "pkg:npm/promise@7.3.1"
}
}
},
{
"category": "product_version",
"name": "None.caller-path-2.0.0",
"product": {
"name": "None.caller-path-2.0.0",
"product_id": "None.caller-path-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/caller-path@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.global-prefix-1.0.2",
"product": {
"name": "None.global-prefix-1.0.2",
"product_id": "None.global-prefix-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/global-prefix@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.is-data-descriptor-0.1.4",
"product": {
"name": "None.is-data-descriptor-0.1.4",
"product_id": "None.is-data-descriptor-0.1.4",
"product_identification_helper": {
"purl": "pkg:npm/is-data-descriptor@0.1.4"
}
}
},
{
"category": "product_version",
"name": "None.atob-2.1.2",
"product": {
"name": "None.atob-2.1.2",
"product_id": "None.atob-2.1.2",
"product_identification_helper": {
"purl": "pkg:npm/atob@2.1.2"
}
}
},
{
"category": "product_version",
"name": "None.to-fast-properties-1.0.3",
"product": {
"name": "None.to-fast-properties-1.0.3",
"product_id": "None.to-fast-properties-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/to-fast-properties@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-bs-1.10.16",
"product": {
"name": "None.datatables.net-bs-1.10.16",
"product_id": "None.datatables.net-bs-1.10.16",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net-bs@1.10.16"
}
}
},
{
"category": "product_version",
"name": "None.css-unit-converter-1.1.1",
"product": {
"name": "None.css-unit-converter-1.1.1",
"product_id": "None.css-unit-converter-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/css-unit-converter@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.parse-passwd-1.0.0",
"product": {
"name": "None.parse-passwd-1.0.0",
"product_id": "None.parse-passwd-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/parse-passwd@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-3.5.17",
"product": {
"name": "None.d3-3.5.17",
"product_id": "None.d3-3.5.17",
"product_identification_helper": {
"purl": "pkg:npm/d3@3.5.17"
}
}
},
{
"category": "product_version",
"name": "None.is-windows-1.0.2",
"product": {
"name": "None.is-windows-1.0.2",
"product_id": "None.is-windows-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/is-windows@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.braces-2.3.2",
"product": {
"name": "None.braces-2.3.2",
"product_id": "None.braces-2.3.2",
"product_identification_helper": {
"purl": "pkg:npm/braces@2.3.2"
}
}
},
{
"category": "product_version",
"name": "None.import-fresh-2.0.0",
"product": {
"name": "None.import-fresh-2.0.0",
"product_id": "None.import-fresh-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/import-fresh@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.is-glob-3.1.0",
"product": {
"name": "None.is-glob-3.1.0",
"product_id": "None.is-glob-3.1.0",
"product_identification_helper": {
"purl": "pkg:npm/is-glob@3.1.0"
}
}
},
{
"category": "product_version",
"name": "None.kind-of-5.1.0",
"product": {
"name": "None.kind-of-5.1.0",
"product_id": "None.kind-of-5.1.0",
"product_identification_helper": {
"purl": "pkg:npm/kind-of@5.1.0"
}
}
},
{
"category": "product_version",
"name": "None.use-3.1.1",
"product": {
"name": "None.use-3.1.1",
"product_id": "None.use-3.1.1",
"product_identification_helper": {
"purl": "pkg:npm/use@3.1.1"
}
}
},
{
"category": "product_version",
"name": "None.indexes-of-1.0.1",
"product": {
"name": "None.indexes-of-1.0.1",
"product_id": "None.indexes-of-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/indexes-of@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.code-point-at-1.1.0",
"product": {
"name": "None.code-point-at-1.1.0",
"product_id": "None.code-point-at-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/code-point-at@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.replace-ext-1.0.0",
"product": {
"name": "None.replace-ext-1.0.0",
"product_id": "None.replace-ext-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/replace-ext@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.escodegen-1.11.1",
"product": {
"name": "None.escodegen-1.11.1",
"product_id": "None.escodegen-1.11.1",
"product_identification_helper": {
"purl": "pkg:npm/escodegen@1.11.1"
}
}
},
{
"category": "product_version",
"name": "None.ajv-6.10.0",
"product": {
"name": "None.ajv-6.10.0",
"product_id": "None.ajv-6.10.0",
"product_identification_helper": {
"purl": "pkg:npm/ajv@6.10.0"
}
}
},
{
"category": "product_version",
"name": "None.css-2.2.4",
"product": {
"name": "None.css-2.2.4",
"product_id": "None.css-2.2.4",
"product_identification_helper": {
"purl": "pkg:npm/css@2.2.4"
}
}
},
{
"category": "product_version",
"name": "None.moment-timezone-0.4.1",
"product": {
"name": "None.moment-timezone-0.4.1",
"product_id": "None.moment-timezone-0.4.1",
"product_identification_helper": {
"purl": "pkg:npm/moment-timezone@0.4.1"
}
}
},
{
"category": "product_version",
"name": "None.slash-2.0.0",
"product": {
"name": "None.slash-2.0.0",
"product_id": "None.slash-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/slash@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.babylon-6.18.0",
"product": {
"name": "None.babylon-6.18.0",
"product_id": "None.babylon-6.18.0",
"product_identification_helper": {
"purl": "pkg:npm/babylon@6.18.0"
}
}
},
{
"category": "product_version",
"name": "None.define-property-0.2.5",
"product": {
"name": "None.define-property-0.2.5",
"product_id": "None.define-property-0.2.5",
"product_identification_helper": {
"purl": "pkg:npm/define-property@0.2.5"
}
}
},
{
"category": "product_version",
"name": "None.path-dirname-1.0.2",
"product": {
"name": "None.path-dirname-1.0.2",
"product_id": "None.path-dirname-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/path-dirname@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.jsesc-1.3.0",
"product": {
"name": "None.jsesc-1.3.0",
"product_id": "None.jsesc-1.3.0",
"product_identification_helper": {
"purl": "pkg:npm/jsesc@1.3.0"
}
}
},
{
"category": "product_version",
"name": "None.uuid-3.3.2",
"product": {
"name": "None.uuid-3.3.2",
"product_id": "None.uuid-3.3.2",
"product_identification_helper": {
"purl": "pkg:npm/uuid@3.3.2"
}
}
},
{
"category": "product_version",
"name": "None.define-property-1.0.0",
"product": {
"name": "None.define-property-1.0.0",
"product_id": "None.define-property-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/define-property@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.is-number-3.0.0",
"product": {
"name": "None.is-number-3.0.0",
"product_id": "None.is-number-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-number@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.for-in-1.0.2",
"product": {
"name": "None.for-in-1.0.2",
"product_id": "None.for-in-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/for-in@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.camelcase-4.1.0",
"product": {
"name": "None.camelcase-4.1.0",
"product_id": "None.camelcase-4.1.0",
"product_identification_helper": {
"purl": "pkg:npm/camelcase@4.1.0"
}
}
},
{
"category": "product_version",
"name": "None.copy-descriptor-0.1.1",
"product": {
"name": "None.copy-descriptor-0.1.1",
"product_id": "None.copy-descriptor-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/copy-descriptor@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.kind-of-4.0.0",
"product": {
"name": "None.kind-of-4.0.0",
"product_id": "None.kind-of-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/kind-of@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.static-extend-0.1.2",
"product": {
"name": "None.static-extend-0.1.2",
"product_id": "None.static-extend-0.1.2",
"product_identification_helper": {
"purl": "pkg:npm/static-extend@0.1.2"
}
}
},
{
"category": "product_version",
"name": "None.detect-file-1.0.0",
"product": {
"name": "None.detect-file-1.0.0",
"product_id": "None.detect-file-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/detect-file@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.array-unique-0.3.2",
"product": {
"name": "None.array-unique-0.3.2",
"product_id": "None.array-unique-0.3.2",
"product_identification_helper": {
"purl": "pkg:npm/array-unique@0.3.2"
}
}
},
{
"category": "product_version",
"name": "None.has-value-1.0.0",
"product": {
"name": "None.has-value-1.0.0",
"product_id": "None.has-value-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/has-value@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.aproba-1.2.0",
"product": {
"name": "None.aproba-1.2.0",
"product_id": "None.aproba-1.2.0",
"product_identification_helper": {
"purl": "pkg:npm/aproba@1.2.0"
}
}
},
{
"category": "product_version",
"name": "None.nth-check-1.0.2",
"product": {
"name": "None.nth-check-1.0.2",
"product_id": "None.nth-check-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/nth-check@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.regenerator-runtime-0.11.1",
"product": {
"name": "None.regenerator-runtime-0.11.1",
"product_id": "None.regenerator-runtime-0.11.1",
"product_identification_helper": {
"purl": "pkg:npm/regenerator-runtime@0.11.1"
}
}
},
{
"category": "product_version",
"name": "None.boolbase-1.0.0",
"product": {
"name": "None.boolbase-1.0.0",
"product_id": "None.boolbase-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/boolbase@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.expand-tilde-2.0.2",
"product": {
"name": "None.expand-tilde-2.0.2",
"product_id": "None.expand-tilde-2.0.2",
"product_identification_helper": {
"purl": "pkg:npm/expand-tilde@2.0.2"
}
}
},
{
"category": "product_version",
"name": "@mrmlnc.readdir-enhanced-2.2.1",
"product": {
"name": "@mrmlnc.readdir-enhanced-2.2.1",
"product_id": "@mrmlnc.readdir-enhanced-2.2.1",
"product_identification_helper": {
"purl": "pkg:npm/%40mrmlnc/readdir-enhanced@2.2.1"
}
}
},
{
"category": "product_version",
"name": "None.cache-base-1.0.1",
"product": {
"name": "None.cache-base-1.0.1",
"product_id": "None.cache-base-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/cache-base@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.websocket-extensions-0.1.3",
"product": {
"name": "None.websocket-extensions-0.1.3",
"product_id": "None.websocket-extensions-0.1.3",
"product_identification_helper": {
"purl": "pkg:npm/websocket-extensions@0.1.3"
}
}
},
{
"category": "product_version",
"name": "None.patternfly-bootstrap-treeview-2.1.5",
"product": {
"name": "None.patternfly-bootstrap-treeview-2.1.5",
"product_id": "None.patternfly-bootstrap-treeview-2.1.5",
"product_identification_helper": {
"purl": "pkg:npm/patternfly-bootstrap-treeview@2.1.5"
}
}
},
{
"category": "product_version",
"name": "None.isobject-3.0.1",
"product": {
"name": "None.isobject-3.0.1",
"product_id": "None.isobject-3.0.1",
"product_identification_helper": {
"purl": "pkg:npm/isobject@3.0.1"
}
}
},
{
"category": "product_version",
"name": "None.resolve-dir-1.0.1",
"product": {
"name": "None.resolve-dir-1.0.1",
"product_id": "None.resolve-dir-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/resolve-dir@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.glob-to-regexp-0.3.0",
"product": {
"name": "None.glob-to-regexp-0.3.0",
"product_id": "None.glob-to-regexp-0.3.0",
"product_identification_helper": {
"purl": "pkg:npm/glob-to-regexp@0.3.0"
}
}
},
{
"category": "product_version",
"name": "None.call-me-maybe-1.0.1",
"product": {
"name": "None.call-me-maybe-1.0.1",
"product_id": "None.call-me-maybe-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/call-me-maybe@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.is-finite-1.0.2",
"product": {
"name": "None.is-finite-1.0.2",
"product_id": "None.is-finite-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/is-finite@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.core-js-2.6.9",
"product": {
"name": "None.core-js-2.6.9",
"product_id": "None.core-js-2.6.9",
"product_identification_helper": {
"purl": "pkg:npm/core-js@2.6.9"
}
}
},
{
"category": "product_version",
"name": "None.jquery-match-height-0.7.2",
"product": {
"name": "None.jquery-match-height-0.7.2",
"product_id": "None.jquery-match-height-0.7.2",
"product_identification_helper": {
"purl": "pkg:npm/jquery-match-height@0.7.2"
}
}
},
{
"category": "product_version",
"name": "None.jquery-3.2.1",
"product": {
"name": "None.jquery-3.2.1",
"product_id": "None.jquery-3.2.1",
"product_identification_helper": {
"purl": "pkg:npm/jquery@3.2.1"
}
}
},
{
"category": "product_version",
"name": "None.arr-union-3.1.0",
"product": {
"name": "None.arr-union-3.1.0",
"product_id": "None.arr-union-3.1.0",
"product_identification_helper": {
"purl": "pkg:npm/arr-union@3.1.0"
}
}
},
{
"category": "product_version",
"name": "None.global-modules-1.0.0",
"product": {
"name": "None.global-modules-1.0.0",
"product_id": "None.global-modules-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/global-modules@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.astral-regex-1.0.0",
"product": {
"name": "None.astral-regex-1.0.0",
"product_id": "None.astral-regex-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/astral-regex@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.is-descriptor-0.1.6",
"product": {
"name": "None.is-descriptor-0.1.6",
"product_id": "None.is-descriptor-0.1.6",
"product_identification_helper": {
"purl": "pkg:npm/is-descriptor@0.1.6"
}
}
},
{
"category": "product_version",
"name": "@types.node-12.0.10",
"product": {
"name": "@types.node-12.0.10",
"product_id": "@types.node-12.0.10",
"product_identification_helper": {
"purl": "pkg:npm/%40types/node@12.0.10"
}
}
},
{
"category": "product_version",
"name": "None.level-codec-9.0.1",
"product": {
"name": "None.level-codec-9.0.1",
"product_id": "None.level-codec-9.0.1",
"product_identification_helper": {
"purl": "pkg:npm/level-codec@9.0.1"
}
}
},
{
"category": "product_version",
"name": "None.jstree-3.3.8",
"product": {
"name": "None.jstree-3.3.8",
"product_id": "None.jstree-3.3.8",
"product_identification_helper": {
"purl": "pkg:npm/jstree@3.3.8"
}
}
},
{
"category": "product_version",
"name": "None.ace-builds-1.4.5",
"product": {
"name": "None.ace-builds-1.4.5",
"product_id": "None.ace-builds-1.4.5",
"product_identification_helper": {
"purl": "pkg:npm/ace-builds@1.4.5"
}
}
},
{
"category": "product_version",
"name": "@types.d3-path-1.0.7",
"product": {
"name": "@types.d3-path-1.0.7",
"product_id": "@types.d3-path-1.0.7",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-path@1.0.7"
}
}
},
{
"category": "product_version",
"name": "@types.d3-axis-1.0.10",
"product": {
"name": "@types.d3-axis-1.0.10",
"product_id": "@types.d3-axis-1.0.10",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-axis@1.0.10"
}
}
},
{
"category": "product_version",
"name": "None.encoding-down-6.1.0",
"product": {
"name": "None.encoding-down-6.1.0",
"product_id": "None.encoding-down-6.1.0",
"product_identification_helper": {
"purl": "pkg:npm/encoding-down@6.1.0"
}
}
},
{
"category": "product_version",
"name": "None.postcss-safe-parser-4.0.1",
"product": {
"name": "None.postcss-safe-parser-4.0.1",
"product_id": "None.postcss-safe-parser-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/postcss-safe-parser@4.0.1"
}
}
},
{
"category": "product_version",
"name": "None.map-obj-1.0.1",
"product": {
"name": "None.map-obj-1.0.1",
"product_id": "None.map-obj-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/map-obj@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.collapse-white-space-1.0.5",
"product": {
"name": "None.collapse-white-space-1.0.5",
"product_id": "None.collapse-white-space-1.0.5",
"product_identification_helper": {
"purl": "pkg:npm/collapse-white-space@1.0.5"
}
}
},
{
"category": "product_version",
"name": "None.character-reference-invalid-1.1.3",
"product": {
"name": "None.character-reference-invalid-1.1.3",
"product_id": "None.character-reference-invalid-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/character-reference-invalid@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.mixin-deep-1.3.2",
"product": {
"name": "None.mixin-deep-1.3.2",
"product_id": "None.mixin-deep-1.3.2",
"product_identification_helper": {
"purl": "pkg:npm/mixin-deep@1.3.2"
}
}
},
{
"category": "product_version",
"name": "@types.d3-force-1.1.1",
"product": {
"name": "@types.d3-force-1.1.1",
"product_id": "@types.d3-force-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-force@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.is-regexp-2.1.0",
"product": {
"name": "None.is-regexp-2.1.0",
"product_id": "None.is-regexp-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/is-regexp@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.level-iterator-stream-4.0.1",
"product": {
"name": "None.level-iterator-stream-4.0.1",
"product_id": "None.level-iterator-stream-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/level-iterator-stream@4.0.1"
}
}
},
{
"category": "product_version",
"name": "None.d3-contour-1.3.2",
"product": {
"name": "None.d3-contour-1.3.2",
"product_id": "None.d3-contour-1.3.2",
"product_identification_helper": {
"purl": "pkg:npm/d3-contour@1.3.2"
}
}
},
{
"category": "product_version",
"name": "None.psl-1.1.33",
"product": {
"name": "None.psl-1.1.33",
"product_id": "None.psl-1.1.33",
"product_identification_helper": {
"purl": "pkg:npm/psl@1.1.33"
}
}
},
{
"category": "product_version",
"name": "None.remark-parse-6.0.3",
"product": {
"name": "None.remark-parse-6.0.3",
"product_id": "None.remark-parse-6.0.3",
"product_identification_helper": {
"purl": "pkg:npm/remark-parse@6.0.3"
}
}
},
{
"category": "product_version",
"name": "None.leveldown-5.0.2",
"product": {
"name": "None.leveldown-5.0.2",
"product_id": "None.leveldown-5.0.2",
"product_identification_helper": {
"purl": "pkg:npm/leveldown@5.0.2"
}
}
},
{
"category": "product_version",
"name": "None.dir-glob-2.2.2",
"product": {
"name": "None.dir-glob-2.2.2",
"product_id": "None.dir-glob-2.2.2",
"product_identification_helper": {
"purl": "pkg:npm/dir-glob@2.2.2"
}
}
},
{
"category": "product_version",
"name": "None.glob-5.0.15",
"product": {
"name": "None.glob-5.0.15",
"product_id": "None.glob-5.0.15",
"product_identification_helper": {
"purl": "pkg:npm/glob@5.0.15"
}
}
},
{
"category": "product_version",
"name": "None.bytes-1.0.0",
"product": {
"name": "None.bytes-1.0.0",
"product_id": "None.bytes-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/bytes@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.autocompleter-4.0.2",
"product": {
"name": "None.autocompleter-4.0.2",
"product_id": "None.autocompleter-4.0.2",
"product_identification_helper": {
"purl": "pkg:npm/autocompleter@4.0.2"
}
}
},
{
"category": "product_version",
"name": "None.camelcase-keys-2.1.0",
"product": {
"name": "None.camelcase-keys-2.1.0",
"product_id": "None.camelcase-keys-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/camelcase-keys@2.1.0"
}
}
},
{
"category": "product_version",
"name": "@types.d3-ease-1.0.7",
"product": {
"name": "@types.d3-ease-1.0.7",
"product_id": "@types.d3-ease-1.0.7",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-ease@1.0.7"
}
}
},
{
"category": "product_version",
"name": "None.resolve-from-5.0.0",
"product": {
"name": "None.resolve-from-5.0.0",
"product_id": "None.resolve-from-5.0.0",
"product_identification_helper": {
"purl": "pkg:npm/resolve-from@5.0.0"
}
}
},
{
"category": "product_version",
"name": "None.env-paths-1.0.0",
"product": {
"name": "None.env-paths-1.0.0",
"product_id": "None.env-paths-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/env-paths@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.estraverse-4.1.0",
"product": {
"name": "None.estraverse-4.1.0",
"product_id": "None.estraverse-4.1.0",
"product_identification_helper": {
"purl": "pkg:npm/estraverse@4.1.0"
}
}
},
{
"category": "product_version",
"name": "@babel.types-7.4.4",
"product": {
"name": "@babel.types-7.4.4",
"product_id": "@babel.types-7.4.4",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/types@7.4.4"
}
}
},
{
"category": "product_version",
"name": "@types.d3-collection-1.0.7",
"product": {
"name": "@types.d3-collection-1.0.7",
"product_id": "@types.d3-collection-1.0.7",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-collection@1.0.7"
}
}
},
{
"category": "product_version",
"name": "None.v8flags-3.1.3",
"product": {
"name": "None.v8flags-3.1.3",
"product_id": "None.v8flags-3.1.3",
"product_identification_helper": {
"purl": "pkg:npm/v8flags@3.1.3"
}
}
},
{
"category": "product_version",
"name": "None.specificity-0.4.1",
"product": {
"name": "None.specificity-0.4.1",
"product_id": "None.specificity-0.4.1",
"product_identification_helper": {
"purl": "pkg:npm/specificity@0.4.1"
}
}
},
{
"category": "product_version",
"name": "None.level-packager-5.0.2",
"product": {
"name": "None.level-packager-5.0.2",
"product_id": "None.level-packager-5.0.2",
"product_identification_helper": {
"purl": "pkg:npm/level-packager@5.0.2"
}
}
},
{
"category": "product_version",
"name": "None.glob-7.0.6",
"product": {
"name": "None.glob-7.0.6",
"product_id": "None.glob-7.0.6",
"product_identification_helper": {
"purl": "pkg:npm/glob@7.0.6"
}
}
},
{
"category": "product_version",
"name": "None.clone-regexp-2.2.0",
"product": {
"name": "None.clone-regexp-2.2.0",
"product_id": "None.clone-regexp-2.2.0",
"product_identification_helper": {
"purl": "pkg:npm/clone-regexp@2.2.0"
}
}
},
{
"category": "product_version",
"name": "@types.d3-random-1.1.1",
"product": {
"name": "@types.d3-random-1.1.1",
"product_id": "@types.d3-random-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-random@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.micromatch-4.0.2",
"product": {
"name": "None.micromatch-4.0.2",
"product_id": "None.micromatch-4.0.2",
"product_identification_helper": {
"purl": "pkg:npm/micromatch@4.0.2"
}
}
},
{
"category": "product_version",
"name": "None.findup-sync-2.0.0",
"product": {
"name": "None.findup-sync-2.0.0",
"product_id": "None.findup-sync-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/findup-sync@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-path-1.0.7",
"product": {
"name": "None.d3-path-1.0.7",
"product_id": "None.d3-path-1.0.7",
"product_identification_helper": {
"purl": "pkg:npm/d3-path@1.0.7"
}
}
},
{
"category": "product_version",
"name": "None.indent-string-2.1.0",
"product": {
"name": "None.indent-string-2.1.0",
"product_id": "None.indent-string-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/indent-string@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.is-alphabetical-1.0.3",
"product": {
"name": "None.is-alphabetical-1.0.3",
"product_id": "None.is-alphabetical-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/is-alphabetical@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.read-pkg-up-3.0.0",
"product": {
"name": "None.read-pkg-up-3.0.0",
"product_id": "None.read-pkg-up-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/read-pkg-up@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.state-toggle-1.0.2",
"product": {
"name": "None.state-toggle-1.0.2",
"product_id": "None.state-toggle-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/state-toggle@1.0.2"
}
}
},
{
"category": "product_version",
"name": "@types.d3-interpolate-1.2.0",
"product": {
"name": "@types.d3-interpolate-1.2.0",
"product_id": "@types.d3-interpolate-1.2.0",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-interpolate@1.2.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-drag-1.2.3",
"product": {
"name": "None.d3-drag-1.2.3",
"product_id": "None.d3-drag-1.2.3",
"product_identification_helper": {
"purl": "pkg:npm/d3-drag@1.2.3"
}
}
},
{
"category": "product_version",
"name": "@types.d3-shape-1.2.3",
"product": {
"name": "@types.d3-shape-1.2.3",
"product_id": "@types.d3-shape-1.2.3",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-shape@1.2.3"
}
}
},
{
"category": "product_version",
"name": "None.ccount-1.0.4",
"product": {
"name": "None.ccount-1.0.4",
"product_id": "None.ccount-1.0.4",
"product_identification_helper": {
"purl": "pkg:npm/ccount@1.0.4"
}
}
},
{
"category": "product_version",
"name": "None.minizlib-1.2.1",
"product": {
"name": "None.minizlib-1.2.1",
"product_id": "None.minizlib-1.2.1",
"product_identification_helper": {
"purl": "pkg:npm/minizlib@1.2.1"
}
}
},
{
"category": "product_version",
"name": "None.electron-to-chromium-1.3.174",
"product": {
"name": "None.electron-to-chromium-1.3.174",
"product_id": "None.electron-to-chromium-1.3.174",
"product_identification_helper": {
"purl": "pkg:npm/electron-to-chromium@1.3.174"
}
}
},
{
"category": "product_version",
"name": "None.image-size-0.5.5",
"product": {
"name": "None.image-size-0.5.5",
"product_id": "None.image-size-0.5.5",
"product_identification_helper": {
"purl": "pkg:npm/image-size@0.5.5"
}
}
},
{
"category": "product_version",
"name": "None.unist-util-find-all-after-1.0.4",
"product": {
"name": "None.unist-util-find-all-after-1.0.4",
"product_id": "None.unist-util-find-all-after-1.0.4",
"product_identification_helper": {
"purl": "pkg:npm/unist-util-find-all-after@1.0.4"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-switch-3.3.5",
"product": {
"name": "None.bootstrap-switch-3.3.5",
"product_id": "None.bootstrap-switch-3.3.5",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-switch@3.3.5"
}
}
},
{
"category": "product_version",
"name": "None.findup-sync-0.3.0",
"product": {
"name": "None.findup-sync-0.3.0",
"product_id": "None.findup-sync-0.3.0",
"product_identification_helper": {
"purl": "pkg:npm/findup-sync@0.3.0"
}
}
},
{
"category": "product_version",
"name": "None.import-lazy-4.0.0",
"product": {
"name": "None.import-lazy-4.0.0",
"product_id": "None.import-lazy-4.0.0",
"product_identification_helper": {
"purl": "pkg:npm/import-lazy@4.0.0"
}
}
},
{
"category": "product_version",
"name": "None.gauge-2.7.4",
"product": {
"name": "None.gauge-2.7.4",
"product_id": "None.gauge-2.7.4",
"product_identification_helper": {
"purl": "pkg:npm/gauge@2.7.4"
}
}
},
{
"category": "product_version",
"name": "None.postcss-less-3.1.4",
"product": {
"name": "None.postcss-less-3.1.4",
"product_id": "None.postcss-less-3.1.4",
"product_identification_helper": {
"purl": "pkg:npm/postcss-less@3.1.4"
}
}
},
{
"category": "product_version",
"name": "None.object.defaults-1.1.0",
"product": {
"name": "None.object.defaults-1.1.0",
"product_id": "None.object.defaults-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/object.defaults@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-voronoi-1.1.4",
"product": {
"name": "None.d3-voronoi-1.1.4",
"product_id": "None.d3-voronoi-1.1.4",
"product_identification_helper": {
"purl": "pkg:npm/d3-voronoi@1.1.4"
}
}
},
{
"category": "product_version",
"name": "None.table-5.4.1",
"product": {
"name": "None.table-5.4.1",
"product_id": "None.table-5.4.1",
"product_identification_helper": {
"purl": "pkg:npm/table@5.4.1"
}
}
},
{
"category": "product_version",
"name": "None.typedarray-to-buffer-3.1.5",
"product": {
"name": "None.typedarray-to-buffer-3.1.5",
"product_id": "None.typedarray-to-buffer-3.1.5",
"product_identification_helper": {
"purl": "pkg:npm/typedarray-to-buffer@3.1.5"
}
}
},
{
"category": "product_version",
"name": "None.minimist-1.1.3",
"product": {
"name": "None.minimist-1.1.3",
"product_id": "None.minimist-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/minimist@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.load-json-file-1.1.0",
"product": {
"name": "None.load-json-file-1.1.0",
"product_id": "None.load-json-file-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/load-json-file@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-select-1.13.10",
"product": {
"name": "None.bootstrap-select-1.13.10",
"product_id": "None.bootstrap-select-1.13.10",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-select@1.13.10"
}
}
},
{
"category": "product_version",
"name": "None.level-js-4.0.1",
"product": {
"name": "None.level-js-4.0.1",
"product_id": "None.level-js-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/level-js@4.0.1"
}
}
},
{
"category": "product_version",
"name": "None.parse5-1.5.1",
"product": {
"name": "None.parse5-1.5.1",
"product_id": "None.parse5-1.5.1",
"product_identification_helper": {
"purl": "pkg:npm/parse5@1.5.1"
}
}
},
{
"category": "product_version",
"name": "None.node-gyp-build-3.8.0",
"product": {
"name": "None.node-gyp-build-3.8.0",
"product_id": "None.node-gyp-build-3.8.0",
"product_identification_helper": {
"purl": "pkg:npm/node-gyp-build@3.8.0"
}
}
},
{
"category": "product_version",
"name": "None.currently-unhandled-0.4.1",
"product": {
"name": "None.currently-unhandled-0.4.1",
"product_id": "None.currently-unhandled-0.4.1",
"product_identification_helper": {
"purl": "pkg:npm/currently-unhandled@0.4.1"
}
}
},
{
"category": "product_version",
"name": "None.path-exists-2.1.0",
"product": {
"name": "None.path-exists-2.1.0",
"product_id": "None.path-exists-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/path-exists@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.bail-1.0.4",
"product": {
"name": "None.bail-1.0.4",
"product_id": "None.bail-1.0.4",
"product_identification_helper": {
"purl": "pkg:npm/bail@1.0.4"
}
}
},
{
"category": "product_version",
"name": "None.is-alphanumerical-1.0.3",
"product": {
"name": "None.is-alphanumerical-1.0.3",
"product_id": "None.is-alphanumerical-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/is-alphanumerical@1.0.3"
}
}
},
{
"category": "product_version",
"name": "@babel.template-7.4.4",
"product": {
"name": "@babel.template-7.4.4",
"product_id": "@babel.template-7.4.4",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/template@7.4.4"
}
}
},
{
"category": "product_version",
"name": "None.symbol-tree-3.2.4",
"product": {
"name": "None.symbol-tree-3.2.4",
"product_id": "None.symbol-tree-3.2.4",
"product_identification_helper": {
"purl": "pkg:npm/symbol-tree@3.2.4"
}
}
},
{
"category": "product_version",
"name": "None.coffeescript-1.10.0",
"product": {
"name": "None.coffeescript-1.10.0",
"product_id": "None.coffeescript-1.10.0",
"product_identification_helper": {
"purl": "pkg:npm/coffeescript@1.10.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-transition-1.2.0",
"product": {
"name": "None.d3-transition-1.2.0",
"product_id": "None.d3-transition-1.2.0",
"product_identification_helper": {
"purl": "pkg:npm/d3-transition@1.2.0"
}
}
},
{
"category": "product_version",
"name": "None.pixrem-5.0.0",
"product": {
"name": "None.pixrem-5.0.0",
"product_id": "None.pixrem-5.0.0",
"product_identification_helper": {
"purl": "pkg:npm/pixrem@5.0.0"
}
}
},
{
"category": "product_version",
"name": "None.async-2.6.2",
"product": {
"name": "None.async-2.6.2",
"product_id": "None.async-2.6.2",
"product_identification_helper": {
"purl": "pkg:npm/async@2.6.2"
}
}
},
{
"category": "product_version",
"name": "None.gaze-1.1.3",
"product": {
"name": "None.gaze-1.1.3",
"product_id": "None.gaze-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/gaze@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.core-js-0.9.18",
"product": {
"name": "None.core-js-0.9.18",
"product_id": "None.core-js-0.9.18",
"product_identification_helper": {
"purl": "pkg:npm/core-js@0.9.18"
}
}
},
{
"category": "product_version",
"name": "None.interpret-1.1.0",
"product": {
"name": "None.interpret-1.1.0",
"product_id": "None.interpret-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/interpret@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.unist-util-remove-position-1.1.3",
"product": {
"name": "None.unist-util-remove-position-1.1.3",
"product_id": "None.unist-util-remove-position-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/unist-util-remove-position@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.gzip-size-3.0.0",
"product": {
"name": "None.gzip-size-3.0.0",
"product_id": "None.gzip-size-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/gzip-size@3.0.0"
}
}
},
{
"category": "product_version",
"name": "@types.c3-0.6.0",
"product": {
"name": "@types.c3-0.6.0",
"product_id": "@types.c3-0.6.0",
"product_identification_helper": {
"purl": "pkg:npm/%40types/c3@0.6.0"
}
}
},
{
"category": "product_version",
"name": "None.execall-2.0.0",
"product": {
"name": "None.execall-2.0.0",
"product_id": "None.execall-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/execall@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.less-3.9.0",
"product": {
"name": "None.less-3.9.0",
"product_id": "None.less-3.9.0",
"product_identification_helper": {
"purl": "pkg:npm/less@3.9.0"
}
}
},
{
"category": "product_version",
"name": "@types.d3-timer-1.0.7",
"product": {
"name": "@types.d3-timer-1.0.7",
"product_id": "@types.d3-timer-1.0.7",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-timer@1.0.7"
}
}
},
{
"category": "product_version",
"name": "None.emoji-regex-8.0.0",
"product": {
"name": "None.emoji-regex-8.0.0",
"product_id": "None.emoji-regex-8.0.0",
"product_identification_helper": {
"purl": "pkg:npm/emoji-regex@8.0.0"
}
}
},
{
"category": "product_version",
"name": "@types.d3-drag-1.2.1",
"product": {
"name": "@types.d3-drag-1.2.1",
"product_id": "@types.d3-drag-1.2.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-drag@1.2.1"
}
}
},
{
"category": "product_version",
"name": "None.union-value-1.0.1",
"product": {
"name": "None.union-value-1.0.1",
"product_id": "None.union-value-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/union-value@1.0.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-array-1.2.1",
"product": {
"name": "@types.d3-array-1.2.1",
"product_id": "@types.d3-array-1.2.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-array@1.2.1"
}
}
},
{
"category": "product_version",
"name": "None.unist-util-stringify-position-1.1.2",
"product": {
"name": "None.unist-util-stringify-position-1.1.2",
"product_id": "None.unist-util-stringify-position-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/unist-util-stringify-position@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.readable-stream-1.0.33",
"product": {
"name": "None.readable-stream-1.0.33",
"product_id": "None.readable-stream-1.0.33",
"product_identification_helper": {
"purl": "pkg:npm/readable-stream@1.0.33"
}
}
},
{
"category": "product_version",
"name": "None.num2fraction-1.2.2",
"product": {
"name": "None.num2fraction-1.2.2",
"product_id": "None.num2fraction-1.2.2",
"product_identification_helper": {
"purl": "pkg:npm/num2fraction@1.2.2"
}
}
},
{
"category": "product_version",
"name": "None.escape-html-1.0.2",
"product": {
"name": "None.escape-html-1.0.2",
"product_id": "None.escape-html-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/escape-html@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.markdown-escapes-1.0.3",
"product": {
"name": "None.markdown-escapes-1.0.3",
"product_id": "None.markdown-escapes-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/markdown-escapes@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.continuable-cache-0.3.1",
"product": {
"name": "None.continuable-cache-0.3.1",
"product_id": "None.continuable-cache-0.3.1",
"product_identification_helper": {
"purl": "pkg:npm/continuable-cache@0.3.1"
}
}
},
{
"category": "product_version",
"name": "None.unist-util-visit-parents-2.1.2",
"product": {
"name": "None.unist-util-visit-parents-2.1.2",
"product_id": "None.unist-util-visit-parents-2.1.2",
"product_identification_helper": {
"purl": "pkg:npm/unist-util-visit-parents@2.1.2"
}
}
},
{
"category": "product_version",
"name": "None.yargs-parser-10.1.0",
"product": {
"name": "None.yargs-parser-10.1.0",
"product_id": "None.yargs-parser-10.1.0",
"product_identification_helper": {
"purl": "pkg:npm/yargs-parser@10.1.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-force-1.2.1",
"product": {
"name": "None.d3-force-1.2.1",
"product_id": "None.d3-force-1.2.1",
"product_identification_helper": {
"purl": "pkg:npm/d3-force@1.2.1"
}
}
},
{
"category": "product_version",
"name": "None.through2-3.0.1",
"product": {
"name": "None.through2-3.0.1",
"product_id": "None.through2-3.0.1",
"product_identification_helper": {
"purl": "pkg:npm/through2@3.0.1"
}
}
},
{
"category": "product_version",
"name": "None.trim-newlines-2.0.0",
"product": {
"name": "None.trim-newlines-2.0.0",
"product_id": "None.trim-newlines-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/trim-newlines@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.fetch-cookie-0.7.0",
"product": {
"name": "None.fetch-cookie-0.7.0",
"product_id": "None.fetch-cookie-0.7.0",
"product_identification_helper": {
"purl": "pkg:npm/fetch-cookie@0.7.0"
}
}
},
{
"category": "product_version",
"name": "None.cosmiconfig-5.2.1",
"product": {
"name": "None.cosmiconfig-5.2.1",
"product_id": "None.cosmiconfig-5.2.1",
"product_identification_helper": {
"purl": "pkg:npm/cosmiconfig@5.2.1"
}
}
},
{
"category": "product_version",
"name": "@babel.core-7.4.5",
"product": {
"name": "@babel.core-7.4.5",
"product_id": "@babel.core-7.4.5",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/core@7.4.5"
}
}
},
{
"category": "product_version",
"name": "None.string-template-0.2.1",
"product": {
"name": "None.string-template-0.2.1",
"product_id": "None.string-template-0.2.1",
"product_identification_helper": {
"purl": "pkg:npm/string-template@0.2.1"
}
}
},
{
"category": "product_version",
"name": "None.optionator-0.5.0",
"product": {
"name": "None.optionator-0.5.0",
"product_id": "None.optionator-0.5.0",
"product_identification_helper": {
"purl": "pkg:npm/optionator@0.5.0"
}
}
},
{
"category": "product_version",
"name": "None.gonzales-pe-4.2.4",
"product": {
"name": "None.gonzales-pe-4.2.4",
"product_id": "None.gonzales-pe-4.2.4",
"product_identification_helper": {
"purl": "pkg:npm/gonzales-pe@4.2.4"
}
}
},
{
"category": "product_version",
"name": "None.mdast-util-compact-1.0.3",
"product": {
"name": "None.mdast-util-compact-1.0.3",
"product_id": "None.mdast-util-compact-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/mdast-util-compact@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.d3-shape-1.3.5",
"product": {
"name": "None.d3-shape-1.3.5",
"product_id": "None.d3-shape-1.3.5",
"product_identification_helper": {
"purl": "pkg:npm/d3-shape@1.3.5"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-keytable-2.5.0",
"product": {
"name": "None.datatables.net-keytable-2.5.0",
"product_id": "None.datatables.net-keytable-2.5.0",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net-keytable@2.5.0"
}
}
},
{
"category": "product_version",
"name": "None.fs-minipass-1.2.6",
"product": {
"name": "None.fs-minipass-1.2.6",
"product_id": "None.fs-minipass-1.2.6",
"product_identification_helper": {
"purl": "pkg:npm/fs-minipass@1.2.6"
}
}
},
{
"category": "product_version",
"name": "None.levelup-4.0.2",
"product": {
"name": "None.levelup-4.0.2",
"product_id": "None.levelup-4.0.2",
"product_identification_helper": {
"purl": "pkg:npm/levelup@4.0.2"
}
}
},
{
"category": "product_version",
"name": "None.minimist-1.1.1",
"product": {
"name": "None.minimist-1.1.1",
"product_id": "None.minimist-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/minimist@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.postcss-7.0.17",
"product": {
"name": "None.postcss-7.0.17",
"product_id": "None.postcss-7.0.17",
"product_identification_helper": {
"purl": "pkg:npm/postcss@7.0.17"
}
}
},
{
"category": "product_version",
"name": "None.strip-bom-2.0.0",
"product": {
"name": "None.strip-bom-2.0.0",
"product_id": "None.strip-bom-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/strip-bom@2.0.0"
}
}
},
{
"category": "product_version",
"name": "@babel.generator-7.4.4",
"product": {
"name": "@babel.generator-7.4.4",
"product_id": "@babel.generator-7.4.4",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/generator@7.4.4"
}
}
},
{
"category": "product_version",
"name": "None.strip-indent-2.0.0",
"product": {
"name": "None.strip-indent-2.0.0",
"product_id": "None.strip-indent-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/strip-indent@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.character-entities-html4-1.1.3",
"product": {
"name": "None.character-entities-html4-1.1.3",
"product_id": "None.character-entities-html4-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/character-entities-html4@1.1.3"
}
}
},
{
"category": "product_version",
"name": "@types.d3-geo-1.10.3",
"product": {
"name": "@types.d3-geo-1.10.3",
"product_id": "@types.d3-geo-1.10.3",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-geo@1.10.3"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-colreorder-1.4.1",
"product": {
"name": "None.datatables.net-colreorder-1.4.1",
"product_id": "None.datatables.net-colreorder-1.4.1",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net-colreorder@1.4.1"
}
}
},
{
"category": "product_version",
"name": "None.markdown-table-1.1.3",
"product": {
"name": "None.markdown-table-1.1.3",
"product_id": "None.markdown-table-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/markdown-table@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.path-root-regex-0.1.2",
"product": {
"name": "None.path-root-regex-0.1.2",
"product_id": "None.path-root-regex-0.1.2",
"product_identification_helper": {
"purl": "pkg:npm/path-root-regex@0.1.2"
}
}
},
{
"category": "product_version",
"name": "None.opencollective-postinstall-2.0.2",
"product": {
"name": "None.opencollective-postinstall-2.0.2",
"product_id": "None.opencollective-postinstall-2.0.2",
"product_identification_helper": {
"purl": "pkg:npm/opencollective-postinstall@2.0.2"
}
}
},
{
"category": "product_version",
"name": "@types.d3-polygon-1.0.6",
"product": {
"name": "@types.d3-polygon-1.0.6",
"product_id": "@types.d3-polygon-1.0.6",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-polygon@1.0.6"
}
}
},
{
"category": "product_version",
"name": "None.safe-json-parse-1.0.1",
"product": {
"name": "None.safe-json-parse-1.0.1",
"product_id": "None.safe-json-parse-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/safe-json-parse@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.for-own-1.0.0",
"product": {
"name": "None.for-own-1.0.0",
"product_id": "None.for-own-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/for-own@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.estraverse-1.9.3",
"product": {
"name": "None.estraverse-1.9.3",
"product_id": "None.estraverse-1.9.3",
"product_identification_helper": {
"purl": "pkg:npm/estraverse@1.9.3"
}
}
},
{
"category": "product_version",
"name": "None.whatwg-url-compat-0.6.5",
"product": {
"name": "None.whatwg-url-compat-0.6.5",
"product_id": "None.whatwg-url-compat-0.6.5",
"product_identification_helper": {
"purl": "pkg:npm/whatwg-url-compat@0.6.5"
}
}
},
{
"category": "product_version",
"name": "None.figures-1.7.0",
"product": {
"name": "None.figures-1.7.0",
"product_id": "None.figures-1.7.0",
"product_identification_helper": {
"purl": "pkg:npm/figures@1.7.0"
}
}
},
{
"category": "product_version",
"name": "None.source-map-0.2.0",
"product": {
"name": "None.source-map-0.2.0",
"product_id": "None.source-map-0.2.0",
"product_identification_helper": {
"purl": "pkg:npm/source-map@0.2.0"
}
}
},
{
"category": "product_version",
"name": "None.console-control-strings-1.1.0",
"product": {
"name": "None.console-control-strings-1.1.0",
"product_id": "None.console-control-strings-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/console-control-strings@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.acorn-2.7.0",
"product": {
"name": "None.acorn-2.7.0",
"product_id": "None.acorn-2.7.0",
"product_identification_helper": {
"purl": "pkg:npm/acorn@2.7.0"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-datepicker-1.9.0",
"product": {
"name": "None.bootstrap-datepicker-1.9.0",
"product_id": "None.bootstrap-datepicker-1.9.0",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-datepicker@1.9.0"
}
}
},
{
"category": "product_version",
"name": "None.is-word-character-1.0.3",
"product": {
"name": "None.is-word-character-1.0.3",
"product_id": "None.is-word-character-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/is-word-character@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.eventemitter2-0.4.14",
"product": {
"name": "None.eventemitter2-0.4.14",
"product_id": "None.eventemitter2-0.4.14",
"product_identification_helper": {
"purl": "pkg:npm/eventemitter2@0.4.14"
}
}
},
{
"category": "product_version",
"name": "None.braces-3.0.2",
"product": {
"name": "None.braces-3.0.2",
"product_id": "None.braces-3.0.2",
"product_identification_helper": {
"purl": "pkg:npm/braces@3.0.2"
}
}
},
{
"category": "product_version",
"name": "None.grunt-contrib-copy-1.0.0",
"product": {
"name": "None.grunt-contrib-copy-1.0.0",
"product_id": "None.grunt-contrib-copy-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-contrib-copy@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.vfile-location-2.0.5",
"product": {
"name": "None.vfile-location-2.0.5",
"product_id": "None.vfile-location-2.0.5",
"product_identification_helper": {
"purl": "pkg:npm/vfile-location@2.0.5"
}
}
},
{
"category": "product_version",
"name": "None.espree-2.2.0",
"product": {
"name": "None.espree-2.2.0",
"product_id": "None.espree-2.2.0",
"product_identification_helper": {
"purl": "pkg:npm/espree@2.2.0"
}
}
},
{
"category": "product_version",
"name": "None.mathml-tag-names-2.1.1",
"product": {
"name": "None.mathml-tag-names-2.1.1",
"product_id": "None.mathml-tag-names-2.1.1",
"product_identification_helper": {
"purl": "pkg:npm/mathml-tag-names@2.1.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-chord-1.0.7",
"product": {
"name": "@types.d3-chord-1.0.7",
"product_id": "@types.d3-chord-1.0.7",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-chord@1.0.7"
}
}
},
{
"category": "product_version",
"name": "None.stringify-entities-1.3.2",
"product": {
"name": "None.stringify-entities-1.3.2",
"product_id": "None.stringify-entities-1.3.2",
"product_identification_helper": {
"purl": "pkg:npm/stringify-entities@1.3.2"
}
}
},
{
"category": "product_version",
"name": "None.postcss-jsx-0.36.1",
"product": {
"name": "None.postcss-jsx-0.36.1",
"product_id": "None.postcss-jsx-0.36.1",
"product_identification_helper": {
"purl": "pkg:npm/postcss-jsx@0.36.1"
}
}
},
{
"category": "product_version",
"name": "None.grunt-1.0.4",
"product": {
"name": "None.grunt-1.0.4",
"product_id": "None.grunt-1.0.4",
"product_identification_helper": {
"purl": "pkg:npm/grunt@1.0.4"
}
}
},
{
"category": "product_version",
"name": "@types.d3-4.13.0",
"product": {
"name": "@types.d3-4.13.0",
"product_id": "@types.d3-4.13.0",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3@4.13.0"
}
}
},
{
"category": "product_version",
"name": "None.sugarss-2.0.0",
"product": {
"name": "None.sugarss-2.0.0",
"product_id": "None.sugarss-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/sugarss@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.tiny-lr-1.1.1",
"product": {
"name": "None.tiny-lr-1.1.1",
"product_id": "None.tiny-lr-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/tiny-lr@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.colors-1.1.2",
"product": {
"name": "None.colors-1.1.2",
"product_id": "None.colors-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/colors@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.fs-extra-0.26.5",
"product": {
"name": "None.fs-extra-0.26.5",
"product_id": "None.fs-extra-0.26.5",
"product_identification_helper": {
"purl": "pkg:npm/fs-extra@0.26.5"
}
}
},
{
"category": "product_version",
"name": "None.css-parse-2.0.0",
"product": {
"name": "None.css-parse-2.0.0",
"product_id": "None.css-parse-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/css-parse@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.leven-3.1.0",
"product": {
"name": "None.leven-3.1.0",
"product_id": "None.leven-3.1.0",
"product_identification_helper": {
"purl": "pkg:npm/leven@3.1.0"
}
}
},
{
"category": "product_version",
"name": "None.nwmatcher-1.4.4",
"product": {
"name": "None.nwmatcher-1.4.4",
"product_id": "None.nwmatcher-1.4.4",
"product_identification_helper": {
"purl": "pkg:npm/nwmatcher@1.4.4"
}
}
},
{
"category": "product_version",
"name": "None.file-sync-cmp-0.1.1",
"product": {
"name": "None.file-sync-cmp-0.1.1",
"product_id": "None.file-sync-cmp-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/file-sync-cmp@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.is-utf8-0.2.1",
"product": {
"name": "None.is-utf8-0.2.1",
"product_id": "None.is-utf8-0.2.1",
"product_identification_helper": {
"purl": "pkg:npm/is-utf8@0.2.1"
}
}
},
{
"category": "product_version",
"name": "None.spark-md5-3.0.0",
"product": {
"name": "None.spark-md5-3.0.0",
"product_id": "None.spark-md5-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/spark-md5@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.ice-cap-0.0.4",
"product": {
"name": "None.ice-cap-0.0.4",
"product_id": "None.ice-cap-0.0.4",
"product_identification_helper": {
"purl": "pkg:npm/ice-cap@0.0.4"
}
}
},
{
"category": "product_version",
"name": "None.diff-3.5.0",
"product": {
"name": "None.diff-3.5.0",
"product_id": "None.diff-3.5.0",
"product_identification_helper": {
"purl": "pkg:npm/diff@3.5.0"
}
}
},
{
"category": "product_version",
"name": "None.ignore-5.1.2",
"product": {
"name": "None.ignore-5.1.2",
"product_id": "None.ignore-5.1.2",
"product_identification_helper": {
"purl": "pkg:npm/ignore@5.1.2"
}
}
},
{
"category": "product_version",
"name": "None.postcss-markdown-0.36.0",
"product": {
"name": "None.postcss-markdown-0.36.0",
"product_id": "None.postcss-markdown-0.36.0",
"product_identification_helper": {
"purl": "pkg:npm/postcss-markdown@0.36.0"
}
}
},
{
"category": "product_version",
"name": "None.wide-align-1.1.3",
"product": {
"name": "None.wide-align-1.1.3",
"product_id": "None.wide-align-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/wide-align@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.html-tags-3.0.0",
"product": {
"name": "None.html-tags-3.0.0",
"product_id": "None.html-tags-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/html-tags@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.error-7.0.2",
"product": {
"name": "None.error-7.0.2",
"product_id": "None.error-7.0.2",
"product_identification_helper": {
"purl": "pkg:npm/error@7.0.2"
}
}
},
{
"category": "product_version",
"name": "None.trim-trailing-lines-1.1.2",
"product": {
"name": "None.trim-trailing-lines-1.1.2",
"product_id": "None.trim-trailing-lines-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/trim-trailing-lines@1.1.2"
}
}
},
{
"category": "product_version",
"name": "@types.d3-quadtree-1.0.5",
"product": {
"name": "@types.d3-quadtree-1.0.5",
"product_id": "@types.d3-quadtree-1.0.5",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-quadtree@1.0.5"
}
}
},
{
"category": "product_version",
"name": "None.level-errors-2.0.1",
"product": {
"name": "None.level-errors-2.0.1",
"product_id": "None.level-errors-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/level-errors@2.0.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-time-format-2.1.0",
"product": {
"name": "@types.d3-time-format-2.1.0",
"product_id": "@types.d3-time-format-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-time-format@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.livereload-js-2.4.0",
"product": {
"name": "None.livereload-js-2.4.0",
"product_id": "None.livereload-js-2.4.0",
"product_identification_helper": {
"purl": "pkg:npm/livereload-js@2.4.0"
}
}
},
{
"category": "product_version",
"name": "None.camelcase-keys-4.2.0",
"product": {
"name": "None.camelcase-keys-4.2.0",
"product_id": "None.camelcase-keys-4.2.0",
"product_identification_helper": {
"purl": "pkg:npm/camelcase-keys@4.2.0"
}
}
},
{
"category": "product_version",
"name": "None.make-iterator-1.0.1",
"product": {
"name": "None.make-iterator-1.0.1",
"product_id": "None.make-iterator-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/make-iterator@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.postcss-sass-0.3.5",
"product": {
"name": "None.postcss-sass-0.3.5",
"product_id": "None.postcss-sass-0.3.5",
"product_identification_helper": {
"purl": "pkg:npm/postcss-sass@0.3.5"
}
}
},
{
"category": "product_version",
"name": "None.path-root-0.1.1",
"product": {
"name": "None.path-root-0.1.1",
"product_id": "None.path-root-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/path-root@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.grunt-contrib-watch-1.1.0",
"product": {
"name": "None.grunt-contrib-watch-1.1.0",
"product_id": "None.grunt-contrib-watch-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-contrib-watch@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.log-symbols-2.2.0",
"product": {
"name": "None.log-symbols-2.2.0",
"product_id": "None.log-symbols-2.2.0",
"product_identification_helper": {
"purl": "pkg:npm/log-symbols@2.2.0"
}
}
},
{
"category": "product_version",
"name": "None.cheerio-0.20.0",
"product": {
"name": "None.cheerio-0.20.0",
"product_id": "None.cheerio-0.20.0",
"product_identification_helper": {
"purl": "pkg:npm/cheerio@0.20.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-dsv-1.1.1",
"product": {
"name": "None.d3-dsv-1.1.1",
"product_id": "None.d3-dsv-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/d3-dsv@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.is-relative-1.0.0",
"product": {
"name": "None.is-relative-1.0.0",
"product_id": "None.is-relative-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-relative@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.tr46-0.0.3",
"product": {
"name": "None.tr46-0.0.3",
"product_id": "None.tr46-0.0.3",
"product_identification_helper": {
"purl": "pkg:npm/tr46@0.0.3"
}
}
},
{
"category": "product_version",
"name": "None.liftoff-2.5.0",
"product": {
"name": "None.liftoff-2.5.0",
"product_id": "None.liftoff-2.5.0",
"product_identification_helper": {
"purl": "pkg:npm/liftoff@2.5.0"
}
}
},
{
"category": "product_version",
"name": "None.is-unc-path-1.0.0",
"product": {
"name": "None.is-unc-path-1.0.0",
"product_id": "None.is-unc-path-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-unc-path@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-brush-1.0.6",
"product": {
"name": "None.d3-brush-1.0.6",
"product_id": "None.d3-brush-1.0.6",
"product_identification_helper": {
"purl": "pkg:npm/d3-brush@1.0.6"
}
}
},
{
"category": "product_version",
"name": "None.strip-indent-1.0.1",
"product": {
"name": "None.strip-indent-1.0.1",
"product_id": "None.strip-indent-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/strip-indent@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.c3-0.4.23",
"product": {
"name": "None.c3-0.4.23",
"product_id": "None.c3-0.4.23",
"product_identification_helper": {
"purl": "pkg:npm/c3@0.4.23"
}
}
},
{
"category": "product_version",
"name": "None.npmlog-4.1.2",
"product": {
"name": "None.npmlog-4.1.2",
"product_id": "None.npmlog-4.1.2",
"product_identification_helper": {
"purl": "pkg:npm/npmlog@4.1.2"
}
}
},
{
"category": "product_version",
"name": "None.log-symbols-3.0.0",
"product": {
"name": "None.log-symbols-3.0.0",
"product_id": "None.log-symbols-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/log-symbols@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-3.4.1",
"product": {
"name": "None.bootstrap-3.4.1",
"product_id": "None.bootstrap-3.4.1",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap@3.4.1"
}
}
},
{
"category": "product_version",
"name": "None.fast-glob-2.2.7",
"product": {
"name": "None.fast-glob-2.2.7",
"product_id": "None.fast-glob-2.2.7",
"product_identification_helper": {
"purl": "pkg:npm/fast-glob@2.2.7"
}
}
},
{
"category": "product_version",
"name": "None.amdefine-1.0.1",
"product": {
"name": "None.amdefine-1.0.1",
"product_id": "None.amdefine-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/amdefine@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.picomatch-2.0.7",
"product": {
"name": "None.picomatch-2.0.7",
"product_id": "None.picomatch-2.0.7",
"product_identification_helper": {
"purl": "pkg:npm/picomatch@2.0.7"
}
}
},
{
"category": "product_version",
"name": "None.readable-stream-0.0.4",
"product": {
"name": "None.readable-stream-0.0.4",
"product_id": "None.readable-stream-0.0.4",
"product_identification_helper": {
"purl": "pkg:npm/readable-stream@0.0.4"
}
}
},
{
"category": "product_version",
"name": "None.unist-util-visit-1.4.1",
"product": {
"name": "None.unist-util-visit-1.4.1",
"product_id": "None.unist-util-visit-1.4.1",
"product_identification_helper": {
"purl": "pkg:npm/unist-util-visit@1.4.1"
}
}
},
{
"category": "product_version",
"name": "None.trim-newlines-1.0.0",
"product": {
"name": "None.trim-newlines-1.0.0",
"product_id": "None.trim-newlines-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/trim-newlines@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.underscore.string-3.3.5",
"product": {
"name": "None.underscore.string-3.3.5",
"product_id": "None.underscore.string-3.3.5",
"product_identification_helper": {
"purl": "pkg:npm/underscore.string@3.3.5"
}
}
},
{
"category": "product_version",
"name": "None.grunt-known-options-1.1.1",
"product": {
"name": "None.grunt-known-options-1.1.1",
"product_id": "None.grunt-known-options-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/grunt-known-options@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.napi-macros-1.8.2",
"product": {
"name": "None.napi-macros-1.8.2",
"product_id": "None.napi-macros-1.8.2",
"product_identification_helper": {
"purl": "pkg:npm/napi-macros@1.8.2"
}
}
},
{
"category": "product_version",
"name": "None.set-value-2.0.1",
"product": {
"name": "None.set-value-2.0.1",
"product_id": "None.set-value-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/set-value@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.is-number-7.0.0",
"product": {
"name": "None.is-number-7.0.0",
"product_id": "None.is-number-7.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-number@7.0.0"
}
}
},
{
"category": "product_version",
"name": "None.postcss-html-0.36.0",
"product": {
"name": "None.postcss-html-0.36.0",
"product_id": "None.postcss-html-0.36.0",
"product_identification_helper": {
"purl": "pkg:npm/postcss-html@0.36.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-geo-1.11.6",
"product": {
"name": "None.d3-geo-1.11.6",
"product_id": "None.d3-geo-1.11.6",
"product_identification_helper": {
"purl": "pkg:npm/d3-geo@1.11.6"
}
}
},
{
"category": "product_version",
"name": "None.stylelint-10.1.0",
"product": {
"name": "None.stylelint-10.1.0",
"product_id": "None.stylelint-10.1.0",
"product_identification_helper": {
"purl": "pkg:npm/stylelint@10.1.0"
}
}
},
{
"category": "product_version",
"name": "None.path-type-1.1.0",
"product": {
"name": "None.path-type-1.1.0",
"product_id": "None.path-type-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/path-type@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.clone-2.1.2",
"product": {
"name": "None.clone-2.1.2",
"product_id": "None.clone-2.1.2",
"product_identification_helper": {
"purl": "pkg:npm/clone@2.1.2"
}
}
},
{
"category": "product_version",
"name": "None.esdoc-1.1.0",
"product": {
"name": "None.esdoc-1.1.0",
"product_id": "None.esdoc-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/esdoc@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.klaw-1.3.1",
"product": {
"name": "None.klaw-1.3.1",
"product_id": "None.klaw-1.3.1",
"product_identification_helper": {
"purl": "pkg:npm/klaw@1.3.1"
}
}
},
{
"category": "product_version",
"name": "None.pretty-bytes-3.0.1",
"product": {
"name": "None.pretty-bytes-3.0.1",
"product_id": "None.pretty-bytes-3.0.1",
"product_identification_helper": {
"purl": "pkg:npm/pretty-bytes@3.0.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-voronoi-1.1.7",
"product": {
"name": "@types.d3-voronoi-1.1.7",
"product_id": "@types.d3-voronoi-1.1.7",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-voronoi@1.1.7"
}
}
},
{
"category": "product_version",
"name": "@types.d3-request-1.0.2",
"product": {
"name": "@types.d3-request-1.0.2",
"product_id": "@types.d3-request-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-request@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.postcss-reporter-6.0.1",
"product": {
"name": "None.postcss-reporter-6.0.1",
"product_id": "None.postcss-reporter-6.0.1",
"product_identification_helper": {
"purl": "pkg:npm/postcss-reporter@6.0.1"
}
}
},
{
"category": "product_version",
"name": "None.d3-time-1.0.11",
"product": {
"name": "None.d3-time-1.0.11",
"product_id": "None.d3-time-1.0.11",
"product_identification_helper": {
"purl": "pkg:npm/d3-time@1.0.11"
}
}
},
{
"category": "product_version",
"name": "None.camelcase-2.1.1",
"product": {
"name": "None.camelcase-2.1.1",
"product_id": "None.camelcase-2.1.1",
"product_identification_helper": {
"purl": "pkg:npm/camelcase@2.1.1"
}
}
},
{
"category": "product_version",
"name": "None.trough-1.0.4",
"product": {
"name": "None.trough-1.0.4",
"product_id": "None.trough-1.0.4",
"product_identification_helper": {
"purl": "pkg:npm/trough@1.0.4"
}
}
},
{
"category": "product_version",
"name": "None.remark-stringify-6.0.4",
"product": {
"name": "None.remark-stringify-6.0.4",
"product_id": "None.remark-stringify-6.0.4",
"product_identification_helper": {
"purl": "pkg:npm/remark-stringify@6.0.4"
}
}
},
{
"category": "product_version",
"name": "None.uuid-3.2.1",
"product": {
"name": "None.uuid-3.2.1",
"product_id": "None.uuid-3.2.1",
"product_identification_helper": {
"purl": "pkg:npm/uuid@3.2.1"
}
}
},
{
"category": "product_version",
"name": "None.loud-rejection-1.6.0",
"product": {
"name": "None.loud-rejection-1.6.0",
"product_id": "None.loud-rejection-1.6.0",
"product_identification_helper": {
"purl": "pkg:npm/loud-rejection@1.6.0"
}
}
},
{
"category": "product_version",
"name": "None.grunt-cli-1.3.2",
"product": {
"name": "None.grunt-cli-1.3.2",
"product_id": "None.grunt-cli-1.3.2",
"product_identification_helper": {
"purl": "pkg:npm/grunt-cli@1.3.2"
}
}
},
{
"category": "product_version",
"name": "@types.d3-color-1.2.1",
"product": {
"name": "@types.d3-color-1.2.1",
"product_id": "@types.d3-color-1.2.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-color@1.2.1"
}
}
},
{
"category": "product_version",
"name": "None.known-css-properties-0.14.0",
"product": {
"name": "None.known-css-properties-0.14.0",
"product_id": "None.known-css-properties-0.14.0",
"product_identification_helper": {
"purl": "pkg:npm/known-css-properties@0.14.0"
}
}
},
{
"category": "product_version",
"name": "None.unherit-1.1.2",
"product": {
"name": "None.unherit-1.1.2",
"product_id": "None.unherit-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/unherit@1.1.2"
}
}
},
{
"category": "product_version",
"name": "@types.d3-dispatch-1.0.6",
"product": {
"name": "@types.d3-dispatch-1.0.6",
"product_id": "@types.d3-dispatch-1.0.6",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-dispatch@1.0.6"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-1.10.19",
"product": {
"name": "None.datatables.net-1.10.19",
"product_id": "None.datatables.net-1.10.19",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net@1.10.19"
}
}
},
{
"category": "product_version",
"name": "None.postcss-scss-2.0.0",
"product": {
"name": "None.postcss-scss-2.0.0",
"product_id": "None.postcss-scss-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/postcss-scss@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.node-fetch-2.4.1",
"product": {
"name": "None.node-fetch-2.4.1",
"product_id": "None.node-fetch-2.4.1",
"product_identification_helper": {
"purl": "pkg:npm/node-fetch@2.4.1"
}
}
},
{
"category": "product_version",
"name": "None.semver-5.3.0",
"product": {
"name": "None.semver-5.3.0",
"product_id": "None.semver-5.3.0",
"product_identification_helper": {
"purl": "pkg:npm/semver@5.3.0"
}
}
},
{
"category": "product_version",
"name": "None.rw-1.3.3",
"product": {
"name": "None.rw-1.3.3",
"product_id": "None.rw-1.3.3",
"product_identification_helper": {
"purl": "pkg:npm/rw@1.3.3"
}
}
},
{
"category": "product_version",
"name": "None.body-5.1.0",
"product": {
"name": "None.body-5.1.0",
"product_id": "None.body-5.1.0",
"product_identification_helper": {
"purl": "pkg:npm/body@5.1.0"
}
}
},
{
"category": "product_version",
"name": "None.level-write-stream-1.0.0",
"product": {
"name": "None.level-write-stream-1.0.0",
"product_id": "None.level-write-stream-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/level-write-stream@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.slash-3.0.0",
"product": {
"name": "None.slash-3.0.0",
"product_id": "None.slash-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/slash@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.marked-0.3.19",
"product": {
"name": "None.marked-0.3.19",
"product_id": "None.marked-0.3.19",
"product_identification_helper": {
"purl": "pkg:npm/marked@0.3.19"
}
}
},
{
"category": "product_version",
"name": "@types.d3-scale-1.0.13",
"product": {
"name": "@types.d3-scale-1.0.13",
"product_id": "@types.d3-scale-1.0.13",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-scale@1.0.13"
}
}
},
{
"category": "product_version",
"name": "None.globule-1.2.1",
"product": {
"name": "None.globule-1.2.1",
"product_id": "None.globule-1.2.1",
"product_identification_helper": {
"purl": "pkg:npm/globule@1.2.1"
}
}
},
{
"category": "product_version",
"name": "None.meow-5.0.0",
"product": {
"name": "None.meow-5.0.0",
"product_id": "None.meow-5.0.0",
"product_identification_helper": {
"purl": "pkg:npm/meow@5.0.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-axis-1.0.12",
"product": {
"name": "None.d3-axis-1.0.12",
"product_id": "None.d3-axis-1.0.12",
"product_identification_helper": {
"purl": "pkg:npm/d3-axis@1.0.12"
}
}
},
{
"category": "product_version",
"name": "@babel.traverse-7.4.5",
"product": {
"name": "@babel.traverse-7.4.5",
"product_id": "@babel.traverse-7.4.5",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/traverse@7.4.5"
}
}
},
{
"category": "product_version",
"name": "@babel.parser-7.4.5",
"product": {
"name": "@babel.parser-7.4.5",
"product_id": "@babel.parser-7.4.5",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/parser@7.4.5"
}
}
},
{
"category": "product_version",
"name": "None.vfile-3.0.1",
"product": {
"name": "None.vfile-3.0.1",
"product_id": "None.vfile-3.0.1",
"product_identification_helper": {
"purl": "pkg:npm/vfile@3.0.1"
}
}
},
{
"category": "product_version",
"name": "None.grunt-legacy-log-utils-2.0.1",
"product": {
"name": "None.grunt-legacy-log-utils-2.0.1",
"product_id": "None.grunt-legacy-log-utils-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/grunt-legacy-log-utils@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.deferred-leveldown-5.0.1",
"product": {
"name": "None.deferred-leveldown-5.0.1",
"product_id": "None.deferred-leveldown-5.0.1",
"product_identification_helper": {
"purl": "pkg:npm/deferred-leveldown@5.0.1"
}
}
},
{
"category": "product_version",
"name": "None.browserslist-4.6.3",
"product": {
"name": "None.browserslist-4.6.3",
"product_id": "None.browserslist-4.6.3",
"product_identification_helper": {
"purl": "pkg:npm/browserslist@4.6.3"
}
}
},
{
"category": "product_version",
"name": "None.is-absolute-1.0.0",
"product": {
"name": "None.is-absolute-1.0.0",
"product_id": "None.is-absolute-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-absolute@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.grunt-legacy-log-2.0.0",
"product": {
"name": "None.grunt-legacy-log-2.0.0",
"product_id": "None.grunt-legacy-log-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-legacy-log@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-select-1.2.7",
"product": {
"name": "None.datatables.net-select-1.2.7",
"product_id": "None.datatables.net-select-1.2.7",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net-select@1.2.7"
}
}
},
{
"category": "product_version",
"name": "None.get-stdin-4.0.1",
"product": {
"name": "None.get-stdin-4.0.1",
"product_id": "None.get-stdin-4.0.1",
"product_identification_helper": {
"purl": "pkg:npm/get-stdin@4.0.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-hierarchy-1.1.2",
"product": {
"name": "@types.d3-hierarchy-1.1.2",
"product_id": "@types.d3-hierarchy-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-hierarchy@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.end-stream-0.1.0",
"product": {
"name": "None.end-stream-0.1.0",
"product_id": "None.end-stream-0.1.0",
"product_identification_helper": {
"purl": "pkg:npm/end-stream@0.1.0"
}
}
},
{
"category": "product_version",
"name": "None.color-logger-0.0.6",
"product": {
"name": "None.color-logger-0.0.6",
"product_id": "None.color-logger-0.0.6",
"product_identification_helper": {
"purl": "pkg:npm/color-logger@0.0.6"
}
}
},
{
"category": "product_version",
"name": "None.es6-denodeify-0.1.5",
"product": {
"name": "None.es6-denodeify-0.1.5",
"product_id": "None.es6-denodeify-0.1.5",
"product_identification_helper": {
"purl": "pkg:npm/es6-denodeify@0.1.5"
}
}
},
{
"category": "product_version",
"name": "None.style-search-0.1.0",
"product": {
"name": "None.style-search-0.1.0",
"product_id": "None.style-search-0.1.0",
"product_identification_helper": {
"purl": "pkg:npm/style-search@0.1.0"
}
}
},
{
"category": "product_version",
"name": "None.unist-util-is-3.0.0",
"product": {
"name": "None.unist-util-is-3.0.0",
"product_id": "None.unist-util-is-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/unist-util-is@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.x-is-string-0.1.0",
"product": {
"name": "None.x-is-string-0.1.0",
"product_id": "None.x-is-string-0.1.0",
"product_identification_helper": {
"purl": "pkg:npm/x-is-string@0.1.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-collection-1.0.7",
"product": {
"name": "None.d3-collection-1.0.7",
"product_id": "None.d3-collection-1.0.7",
"product_identification_helper": {
"purl": "pkg:npm/d3-collection@1.0.7"
}
}
},
{
"category": "product_version",
"name": "None.maxmin-2.1.0",
"product": {
"name": "None.maxmin-2.1.0",
"product_id": "None.maxmin-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/maxmin@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.dateformat-1.0.12",
"product": {
"name": "None.dateformat-1.0.12",
"product_id": "None.dateformat-1.0.12",
"product_identification_helper": {
"purl": "pkg:npm/dateformat@1.0.12"
}
}
},
{
"category": "product_version",
"name": "None.read-pkg-up-1.0.1",
"product": {
"name": "None.read-pkg-up-1.0.1",
"product_id": "None.read-pkg-up-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/read-pkg-up@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.quick-lru-1.1.0",
"product": {
"name": "None.quick-lru-1.1.0",
"product_id": "None.quick-lru-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/quick-lru@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.cssstyle-0.2.37",
"product": {
"name": "None.cssstyle-0.2.37",
"product_id": "None.cssstyle-0.2.37",
"product_identification_helper": {
"purl": "pkg:npm/cssstyle@0.2.37"
}
}
},
{
"category": "product_version",
"name": "None.is-fullwidth-code-point-3.0.0",
"product": {
"name": "None.is-fullwidth-code-point-3.0.0",
"product_id": "None.is-fullwidth-code-point-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-fullwidth-code-point@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.sprintf-js-1.1.2",
"product": {
"name": "None.sprintf-js-1.1.2",
"product_id": "None.sprintf-js-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/sprintf-js@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.longest-streak-2.0.3",
"product": {
"name": "None.longest-streak-2.0.3",
"product_id": "None.longest-streak-2.0.3",
"product_identification_helper": {
"purl": "pkg:npm/longest-streak@2.0.3"
}
}
},
{
"category": "product_version",
"name": "None.grunt-legacy-util-1.1.1",
"product": {
"name": "None.grunt-legacy-util-1.1.1",
"product_id": "None.grunt-legacy-util-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/grunt-legacy-util@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.fast-levenshtein-1.0.7",
"product": {
"name": "None.fast-levenshtein-1.0.7",
"product_id": "None.fast-levenshtein-1.0.7",
"product_identification_helper": {
"purl": "pkg:npm/fast-levenshtein@1.0.7"
}
}
},
{
"category": "product_version",
"name": "None.stack-trace-0.0.10",
"product": {
"name": "None.stack-trace-0.0.10",
"product_id": "None.stack-trace-0.0.10",
"product_identification_helper": {
"purl": "pkg:npm/stack-trace@0.0.10"
}
}
},
{
"category": "product_version",
"name": "None.d3-interpolate-1.3.2",
"product": {
"name": "None.d3-interpolate-1.3.2",
"product_id": "None.d3-interpolate-1.3.2",
"product_identification_helper": {
"purl": "pkg:npm/d3-interpolate@1.3.2"
}
}
},
{
"category": "product_version",
"name": "None.is-whitespace-character-1.0.3",
"product": {
"name": "None.is-whitespace-character-1.0.3",
"product_id": "None.is-whitespace-character-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/is-whitespace-character@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-datepicker-1.8.0",
"product": {
"name": "None.bootstrap-datepicker-1.8.0",
"product_id": "None.bootstrap-datepicker-1.8.0",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-datepicker@1.8.0"
}
}
},
{
"category": "product_version",
"name": "None.grunt-contrib-cssmin-3.0.0",
"product": {
"name": "None.grunt-contrib-cssmin-3.0.0",
"product_id": "None.grunt-contrib-cssmin-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-contrib-cssmin@3.0.0"
}
}
},
{
"category": "product_version",
"name": "None.to-regex-range-5.0.1",
"product": {
"name": "None.to-regex-range-5.0.1",
"product_id": "None.to-regex-range-5.0.1",
"product_identification_helper": {
"purl": "pkg:npm/to-regex-range@5.0.1"
}
}
},
{
"category": "product_version",
"name": "None.grunt-stylelint-0.11.0",
"product": {
"name": "None.grunt-stylelint-0.11.0",
"product_id": "None.grunt-stylelint-0.11.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-stylelint@0.11.0"
}
}
},
{
"category": "product_version",
"name": "None.escodegen-1.7.0",
"product": {
"name": "None.escodegen-1.7.0",
"product_id": "None.escodegen-1.7.0",
"product_identification_helper": {
"purl": "pkg:npm/escodegen@1.7.0"
}
}
},
{
"category": "product_version",
"name": "@types.unist-2.0.3",
"product": {
"name": "@types.unist-2.0.3",
"product_id": "@types.unist-2.0.3",
"product_identification_helper": {
"purl": "pkg:npm/%40types/unist@2.0.3"
}
}
},
{
"category": "product_version",
"name": "None.d3-random-1.1.2",
"product": {
"name": "None.d3-random-1.1.2",
"product_id": "None.d3-random-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/d3-random@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.decamelize-keys-1.1.0",
"product": {
"name": "None.decamelize-keys-1.1.0",
"product_id": "None.decamelize-keys-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/decamelize-keys@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.nopt-3.0.6",
"product": {
"name": "None.nopt-3.0.6",
"product_id": "None.nopt-3.0.6",
"product_identification_helper": {
"purl": "pkg:npm/nopt@3.0.6"
}
}
},
{
"category": "product_version",
"name": "None.grunt-contrib-concat-1.0.1",
"product": {
"name": "None.grunt-contrib-concat-1.0.1",
"product_id": "None.grunt-contrib-concat-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/grunt-contrib-concat@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.fs-extra-5.0.0",
"product": {
"name": "None.fs-extra-5.0.0",
"product_id": "None.fs-extra-5.0.0",
"product_identification_helper": {
"purl": "pkg:npm/fs-extra@5.0.0"
}
}
},
{
"category": "product_version",
"name": "None.ltgt-2.2.1",
"product": {
"name": "None.ltgt-2.2.1",
"product_id": "None.ltgt-2.2.1",
"product_identification_helper": {
"purl": "pkg:npm/ltgt@2.2.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-time-1.0.8",
"product": {
"name": "@types.d3-time-1.0.8",
"product_id": "@types.d3-time-1.0.8",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-time@1.0.8"
}
}
},
{
"category": "product_version",
"name": "None.vfile-message-1.1.1",
"product": {
"name": "None.vfile-message-1.1.1",
"product_id": "None.vfile-message-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/vfile-message@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.character-entities-legacy-1.1.3",
"product": {
"name": "None.character-entities-legacy-1.1.3",
"product_id": "None.character-entities-legacy-1.1.3",
"product_identification_helper": {
"purl": "pkg:npm/character-entities-legacy@1.1.3"
}
}
},
{
"category": "product_version",
"name": "None.taffydb-2.7.2",
"product": {
"name": "None.taffydb-2.7.2",
"product_id": "None.taffydb-2.7.2",
"product_identification_helper": {
"purl": "pkg:npm/taffydb@2.7.2"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-sass-3.4.1",
"product": {
"name": "None.bootstrap-sass-3.4.1",
"product_id": "None.bootstrap-sass-3.4.1",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-sass@3.4.1"
}
}
},
{
"category": "product_version",
"name": "None.normalize-selector-0.2.0",
"product": {
"name": "None.normalize-selector-0.2.0",
"product_id": "None.normalize-selector-0.2.0",
"product_identification_helper": {
"purl": "pkg:npm/normalize-selector@0.2.0"
}
}
},
{
"category": "product_version",
"name": "None.svg-tags-1.0.0",
"product": {
"name": "None.svg-tags-1.0.0",
"product_id": "None.svg-tags-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/svg-tags@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.promise-polyfill-8.1.3",
"product": {
"name": "None.promise-polyfill-8.1.3",
"product_id": "None.promise-polyfill-8.1.3",
"product_identification_helper": {
"purl": "pkg:npm/promise-polyfill@8.1.3"
}
}
},
{
"category": "product_version",
"name": "None.pouchdb-7.1.1",
"product": {
"name": "None.pouchdb-7.1.1",
"product_id": "None.pouchdb-7.1.1",
"product_identification_helper": {
"purl": "pkg:npm/pouchdb@7.1.1"
}
}
},
{
"category": "product_version",
"name": "None.postcss-syntax-0.36.2",
"product": {
"name": "None.postcss-syntax-0.36.2",
"product_id": "None.postcss-syntax-0.36.2",
"product_identification_helper": {
"purl": "pkg:npm/postcss-syntax@0.36.2"
}
}
},
{
"category": "product_version",
"name": "None.patternfly-3.59.2",
"product": {
"name": "None.patternfly-3.59.2",
"product_id": "None.patternfly-3.59.2",
"product_identification_helper": {
"purl": "pkg:npm/patternfly@3.59.2"
}
}
},
{
"category": "product_version",
"name": "None.argsarray-0.0.1",
"product": {
"name": "None.argsarray-0.0.1",
"product_id": "None.argsarray-0.0.1",
"product_identification_helper": {
"purl": "pkg:npm/argsarray@0.0.1"
}
}
},
{
"category": "product_version",
"name": "None.is-alphanumeric-1.0.0",
"product": {
"name": "None.is-alphanumeric-1.0.0",
"product_id": "None.is-alphanumeric-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/is-alphanumeric@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.globby-9.2.0",
"product": {
"name": "None.globby-9.2.0",
"product_id": "None.globby-9.2.0",
"product_identification_helper": {
"purl": "pkg:npm/globby@9.2.0"
}
}
},
{
"category": "product_version",
"name": "None.node-releases-1.1.23",
"product": {
"name": "None.node-releases-1.1.23",
"product_id": "None.node-releases-1.1.23",
"product_identification_helper": {
"purl": "pkg:npm/node-releases@1.1.23"
}
}
},
{
"category": "product_version",
"name": "None.unified-7.1.0",
"product": {
"name": "None.unified-7.1.0",
"product_id": "None.unified-7.1.0",
"product_identification_helper": {
"purl": "pkg:npm/unified@7.1.0"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-select-1.12.2",
"product": {
"name": "None.bootstrap-select-1.12.2",
"product_id": "None.bootstrap-select-1.12.2",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-select@1.12.2"
}
}
},
{
"category": "product_version",
"name": "None.hooker-0.2.3",
"product": {
"name": "None.hooker-0.2.3",
"product_id": "None.hooker-0.2.3",
"product_identification_helper": {
"purl": "pkg:npm/hooker@0.2.3"
}
}
},
{
"category": "product_version",
"name": "None.d3-timer-1.0.9",
"product": {
"name": "None.d3-timer-1.0.9",
"product_id": "None.d3-timer-1.0.9",
"product_identification_helper": {
"purl": "pkg:npm/d3-timer@1.0.9"
}
}
},
{
"category": "product_version",
"name": "None.minimist-options-3.0.2",
"product": {
"name": "None.minimist-options-3.0.2",
"product_id": "None.minimist-options-3.0.2",
"product_identification_helper": {
"purl": "pkg:npm/minimist-options@3.0.2"
}
}
},
{
"category": "product_version",
"name": "None.esprima-1.2.5",
"product": {
"name": "None.esprima-1.2.5",
"product_id": "None.esprima-1.2.5",
"product_identification_helper": {
"purl": "pkg:npm/esprima@1.2.5"
}
}
},
{
"category": "product_version",
"name": "@types.vfile-3.0.2",
"product": {
"name": "@types.vfile-3.0.2",
"product_id": "@types.vfile-3.0.2",
"product_identification_helper": {
"purl": "pkg:npm/%40types/vfile@3.0.2"
}
}
},
{
"category": "product_version",
"name": "None.autoprefixer-9.6.0",
"product": {
"name": "None.autoprefixer-9.6.0",
"product_id": "None.autoprefixer-9.6.0",
"product_identification_helper": {
"purl": "pkg:npm/autoprefixer@9.6.0"
}
}
},
{
"category": "product_version",
"name": "None.are-we-there-yet-1.1.5",
"product": {
"name": "None.are-we-there-yet-1.1.5",
"product_id": "None.are-we-there-yet-1.1.5",
"product_identification_helper": {
"purl": "pkg:npm/are-we-there-yet@1.1.5"
}
}
},
{
"category": "product_version",
"name": "None.d3-chord-1.0.6",
"product": {
"name": "None.d3-chord-1.0.6",
"product_id": "None.d3-chord-1.0.6",
"product_identification_helper": {
"purl": "pkg:npm/d3-chord@1.0.6"
}
}
},
{
"category": "product_version",
"name": "@types.vfile-message-1.0.1",
"product": {
"name": "@types.vfile-message-1.0.1",
"product_id": "@types.vfile-message-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/vfile-message@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-select-1.3.0",
"product": {
"name": "None.datatables.net-select-1.3.0",
"product_id": "None.datatables.net-select-1.3.0",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net-select@1.3.0"
}
}
},
{
"category": "product_version",
"name": "None.parse-filepath-1.0.2",
"product": {
"name": "None.parse-filepath-1.0.2",
"product_id": "None.parse-filepath-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/parse-filepath@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.grunt-postcss-0.9.0",
"product": {
"name": "None.grunt-postcss-0.9.0",
"product_id": "None.grunt-postcss-0.9.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-postcss@0.9.0"
}
}
},
{
"category": "product_version",
"name": "None.abab-1.0.4",
"product": {
"name": "None.abab-1.0.4",
"product_id": "None.abab-1.0.4",
"product_identification_helper": {
"purl": "pkg:npm/abab@1.0.4"
}
}
},
{
"category": "product_version",
"name": "None.minipass-2.3.5",
"product": {
"name": "None.minipass-2.3.5",
"product_id": "None.minipass-2.3.5",
"product_identification_helper": {
"purl": "pkg:npm/minipass@2.3.5"
}
}
},
{
"category": "product_version",
"name": "None.xml-name-validator-2.0.1",
"product": {
"name": "None.xml-name-validator-2.0.1",
"product_id": "None.xml-name-validator-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/xml-name-validator@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.color-logger-0.0.3",
"product": {
"name": "None.color-logger-0.0.3",
"product_id": "None.color-logger-0.0.3",
"product_identification_helper": {
"purl": "pkg:npm/color-logger@0.0.3"
}
}
},
{
"category": "product_version",
"name": "None.string-width-4.1.0",
"product": {
"name": "None.string-width-4.1.0",
"product_id": "None.string-width-4.1.0",
"product_identification_helper": {
"purl": "pkg:npm/string-width@4.1.0"
}
}
},
{
"category": "product_version",
"name": "@types.geojson-7946.0.3",
"product": {
"name": "@types.geojson-7946.0.3",
"product_id": "@types.geojson-7946.0.3",
"product_identification_helper": {
"purl": "pkg:npm/%40types/geojson@7946.0.3"
}
}
},
{
"category": "product_version",
"name": "None.esdoc-0.4.8",
"product": {
"name": "None.esdoc-0.4.8",
"product_id": "None.esdoc-0.4.8",
"product_identification_helper": {
"purl": "pkg:npm/esdoc@0.4.8"
}
}
},
{
"category": "product_version",
"name": "None.flagged-respawn-1.0.1",
"product": {
"name": "None.flagged-respawn-1.0.1",
"product_id": "None.flagged-respawn-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/flagged-respawn@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.d3-color-1.2.3",
"product": {
"name": "None.d3-color-1.2.3",
"product_id": "None.d3-color-1.2.3",
"product_identification_helper": {
"purl": "pkg:npm/d3-color@1.2.3"
}
}
},
{
"category": "product_version",
"name": "None.d3-zoom-1.7.3",
"product": {
"name": "None.d3-zoom-1.7.3",
"product_id": "None.d3-zoom-1.7.3",
"product_identification_helper": {
"purl": "pkg:npm/d3-zoom@1.7.3"
}
}
},
{
"category": "product_version",
"name": "@types.d3-brush-1.0.8",
"product": {
"name": "@types.d3-brush-1.0.8",
"product_id": "@types.d3-brush-1.0.8",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-brush@1.0.8"
}
}
},
{
"category": "product_version",
"name": "None.redent-2.0.0",
"product": {
"name": "None.redent-2.0.0",
"product_id": "None.redent-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/redent@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.caniuse-lite-1.0.30000978",
"product": {
"name": "None.caniuse-lite-1.0.30000978",
"product_id": "None.caniuse-lite-1.0.30000978",
"product_identification_helper": {
"purl": "pkg:npm/caniuse-lite@1.0.30000978"
}
}
},
{
"category": "product_version",
"name": "None.object.map-1.0.1",
"product": {
"name": "None.object.map-1.0.1",
"product_id": "None.object.map-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/object.map@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.map-obj-2.0.0",
"product": {
"name": "None.map-obj-2.0.0",
"product_id": "None.map-obj-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/map-obj@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.get-stdin-7.0.0",
"product": {
"name": "None.get-stdin-7.0.0",
"product_id": "None.get-stdin-7.0.0",
"product_identification_helper": {
"purl": "pkg:npm/get-stdin@7.0.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-5.9.2",
"product": {
"name": "None.d3-5.9.2",
"product_id": "None.d3-5.9.2",
"product_identification_helper": {
"purl": "pkg:npm/d3@5.9.2"
}
}
},
{
"category": "product_version",
"name": "None.d3-selection-1.4.0",
"product": {
"name": "None.d3-selection-1.4.0",
"product_id": "None.d3-selection-1.4.0",
"product_identification_helper": {
"purl": "pkg:npm/d3-selection@1.4.0"
}
}
},
{
"category": "product_version",
"name": "None.webidl-conversions-2.0.1",
"product": {
"name": "None.webidl-conversions-2.0.1",
"product_id": "None.webidl-conversions-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/webidl-conversions@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.remark-10.0.1",
"product": {
"name": "None.remark-10.0.1",
"product_id": "None.remark-10.0.1",
"product_identification_helper": {
"purl": "pkg:npm/remark@10.0.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-queue-3.0.6",
"product": {
"name": "@types.d3-queue-3.0.6",
"product_id": "@types.d3-queue-3.0.6",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-queue@3.0.6"
}
}
},
{
"category": "product_version",
"name": "None.grunt-contrib-clean-2.0.0",
"product": {
"name": "None.grunt-contrib-clean-2.0.0",
"product_id": "None.grunt-contrib-clean-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-contrib-clean@2.0.0"
}
}
},
{
"category": "product_version",
"name": "@babel.helpers-7.4.4",
"product": {
"name": "@babel.helpers-7.4.4",
"product_id": "@babel.helpers-7.4.4",
"product_identification_helper": {
"purl": "pkg:npm/%40babel/helpers@7.4.4"
}
}
},
{
"category": "product_version",
"name": "None.grunt-cli-1.2.0",
"product": {
"name": "None.grunt-cli-1.2.0",
"product_id": "None.grunt-cli-1.2.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-cli@1.2.0"
}
}
},
{
"category": "product_version",
"name": "None.redent-1.0.0",
"product": {
"name": "None.redent-1.0.0",
"product_id": "None.redent-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/redent@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.parse-entities-1.2.2",
"product": {
"name": "None.parse-entities-1.2.2",
"product_id": "None.parse-entities-1.2.2",
"product_identification_helper": {
"purl": "pkg:npm/parse-entities@1.2.2"
}
}
},
{
"category": "product_version",
"name": "None.flatted-2.0.1",
"product": {
"name": "None.flatted-2.0.1",
"product_id": "None.flatted-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/flatted@2.0.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-selection-1.3.1",
"product": {
"name": "@types.d3-selection-1.3.1",
"product_id": "@types.d3-selection-1.3.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-selection@1.3.1"
}
}
},
{
"category": "product_version",
"name": "None.jsonfile-2.4.0",
"product": {
"name": "None.jsonfile-2.4.0",
"product_id": "None.jsonfile-2.4.0",
"product_identification_helper": {
"purl": "pkg:npm/jsonfile@2.4.0"
}
}
},
{
"category": "product_version",
"name": "None.normalize-range-0.1.2",
"product": {
"name": "None.normalize-range-0.1.2",
"product_id": "None.normalize-range-0.1.2",
"product_identification_helper": {
"purl": "pkg:npm/normalize-range@0.1.2"
}
}
},
{
"category": "product_version",
"name": "None.immediate-3.2.3",
"product": {
"name": "None.immediate-3.2.3",
"product_id": "None.immediate-3.2.3",
"product_identification_helper": {
"purl": "pkg:npm/immediate@3.2.3"
}
}
},
{
"category": "product_version",
"name": "None.marked-0.3.5",
"product": {
"name": "None.marked-0.3.5",
"product_id": "None.marked-0.3.5",
"product_identification_helper": {
"purl": "pkg:npm/marked@0.3.5"
}
}
},
{
"category": "product_version",
"name": "None.meow-3.7.0",
"product": {
"name": "None.meow-3.7.0",
"product_id": "None.meow-3.7.0",
"product_identification_helper": {
"purl": "pkg:npm/meow@3.7.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-hierarchy-1.1.8",
"product": {
"name": "None.d3-hierarchy-1.1.8",
"product_id": "None.d3-hierarchy-1.1.8",
"product_identification_helper": {
"purl": "pkg:npm/d3-hierarchy@1.1.8"
}
}
},
{
"category": "product_version",
"name": "None.d3-scale-chromatic-1.3.3",
"product": {
"name": "None.d3-scale-chromatic-1.3.3",
"product_id": "None.d3-scale-chromatic-1.3.3",
"product_identification_helper": {
"purl": "pkg:npm/d3-scale-chromatic@1.3.3"
}
}
},
{
"category": "product_version",
"name": "None.vuvuzela-1.0.3",
"product": {
"name": "None.vuvuzela-1.0.3",
"product_id": "None.vuvuzela-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/vuvuzela@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.reduce-css-calc-2.1.6",
"product": {
"name": "None.reduce-css-calc-2.1.6",
"product_id": "None.reduce-css-calc-2.1.6",
"product_identification_helper": {
"purl": "pkg:npm/reduce-css-calc@2.1.6"
}
}
},
{
"category": "product_version",
"name": "None.is-decimal-1.0.3",
"product": {
"name": "None.is-decimal-1.0.3",
"product_id": "None.is-decimal-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/is-decimal@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.array-each-1.0.1",
"product": {
"name": "None.array-each-1.0.1",
"product_id": "None.array-each-1.0.1",
"product_identification_helper": {
"purl": "pkg:npm/array-each@1.0.1"
}
}
},
{
"category": "product_version",
"name": "None.c3-0.7.1",
"product": {
"name": "None.c3-0.7.1",
"product_id": "None.c3-0.7.1",
"product_identification_helper": {
"purl": "pkg:npm/c3@0.7.1"
}
}
},
{
"category": "product_version",
"name": "None.jquery-3.4.1",
"product": {
"name": "None.jquery-3.4.1",
"product_id": "None.jquery-3.4.1",
"product_identification_helper": {
"purl": "pkg:npm/jquery@3.4.1"
}
}
},
{
"category": "product_version",
"name": "None.array-slice-1.1.0",
"product": {
"name": "None.array-slice-1.1.0",
"product_id": "None.array-slice-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/array-slice@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.level-concat-iterator-2.0.1",
"product": {
"name": "None.level-concat-iterator-2.0.1",
"product_id": "None.level-concat-iterator-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/level-concat-iterator@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.grunt-esdoc-0.0.4",
"product": {
"name": "None.grunt-esdoc-0.0.4",
"product_id": "None.grunt-esdoc-0.0.4",
"product_identification_helper": {
"purl": "pkg:npm/grunt-esdoc@0.0.4"
}
}
},
{
"category": "product_version",
"name": "None.tar-4.4.10",
"product": {
"name": "None.tar-4.4.10",
"product_id": "None.tar-4.4.10",
"product_identification_helper": {
"purl": "pkg:npm/tar@4.4.10"
}
}
},
{
"category": "product_version",
"name": "None.delegates-1.0.0",
"product": {
"name": "None.delegates-1.0.0",
"product_id": "None.delegates-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/delegates@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.jsdom-7.2.2",
"product": {
"name": "None.jsdom-7.2.2",
"product_id": "None.jsdom-7.2.2",
"product_identification_helper": {
"purl": "pkg:npm/jsdom@7.2.2"
}
}
},
{
"category": "product_version",
"name": "None.d3-dispatch-1.0.5",
"product": {
"name": "None.d3-dispatch-1.0.5",
"product_id": "None.d3-dispatch-1.0.5",
"product_identification_helper": {
"purl": "pkg:npm/d3-dispatch@1.0.5"
}
}
},
{
"category": "product_version",
"name": "None.has-unicode-2.0.1",
"product": {
"name": "None.has-unicode-2.0.1",
"product_id": "None.has-unicode-2.0.1",
"product_identification_helper": {
"purl": "pkg:npm/has-unicode@2.0.1"
}
}
},
{
"category": "product_version",
"name": "None.globjoin-0.1.4",
"product": {
"name": "None.globjoin-0.1.4",
"product_id": "None.globjoin-0.1.4",
"product_identification_helper": {
"purl": "pkg:npm/globjoin@0.1.4"
}
}
},
{
"category": "product_version",
"name": "None.level-5.0.1",
"product": {
"name": "None.level-5.0.1",
"product_id": "None.level-5.0.1",
"product_identification_helper": {
"purl": "pkg:npm/level@5.0.1"
}
}
},
{
"category": "product_version",
"name": "@types.d3-dsv-1.0.33",
"product": {
"name": "@types.d3-dsv-1.0.33",
"product_id": "@types.d3-dsv-1.0.33",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-dsv@1.0.33"
}
}
},
{
"category": "product_version",
"name": "None.taffydb-2.7.3",
"product": {
"name": "None.taffydb-2.7.3",
"product_id": "None.taffydb-2.7.3",
"product_identification_helper": {
"purl": "pkg:npm/taffydb@2.7.3"
}
}
},
{
"category": "product_version",
"name": "None.cheerio-1.0.0-rc.2",
"product": {
"name": "None.cheerio-1.0.0-rc.2",
"product_id": "None.cheerio-1.0.0-rc.2",
"product_identification_helper": {
"purl": "pkg:npm/cheerio@1.0.0-rc.2"
}
}
},
{
"category": "product_version",
"name": "None.d3-format-1.3.2",
"product": {
"name": "None.d3-format-1.3.2",
"product_id": "None.d3-format-1.3.2",
"product_identification_helper": {
"purl": "pkg:npm/d3-format@1.3.2"
}
}
},
{
"category": "product_version",
"name": "None.levn-0.2.5",
"product": {
"name": "None.levn-0.2.5",
"product_id": "None.levn-0.2.5",
"product_identification_helper": {
"purl": "pkg:npm/levn@0.2.5"
}
}
},
{
"category": "product_version",
"name": "None.matchdep-2.0.0",
"product": {
"name": "None.matchdep-2.0.0",
"product_id": "None.matchdep-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/matchdep@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.node-gyp-5.0.1",
"product": {
"name": "None.node-gyp-5.0.1",
"product_id": "None.node-gyp-5.0.1",
"product_identification_helper": {
"purl": "pkg:npm/node-gyp@5.0.1"
}
}
},
{
"category": "product_version",
"name": "None.buffer-from-1.1.0",
"product": {
"name": "None.buffer-from-1.1.0",
"product_id": "None.buffer-from-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/buffer-from@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.abstract-leveldown-6.0.3",
"product": {
"name": "None.abstract-leveldown-6.0.3",
"product_id": "None.abstract-leveldown-6.0.3",
"product_identification_helper": {
"purl": "pkg:npm/abstract-leveldown@6.0.3"
}
}
},
{
"category": "product_version",
"name": "None.double-ended-queue-2.1.0-0",
"product": {
"name": "None.double-ended-queue-2.1.0-0",
"product_id": "None.double-ended-queue-2.1.0-0",
"product_identification_helper": {
"purl": "pkg:npm/double-ended-queue@2.1.0-0"
}
}
},
{
"category": "product_version",
"name": "None.d3-ease-1.0.5",
"product": {
"name": "None.d3-ease-1.0.5",
"product_id": "None.d3-ease-1.0.5",
"product_identification_helper": {
"purl": "pkg:npm/d3-ease@1.0.5"
}
}
},
{
"category": "product_version",
"name": "None.d3-array-1.2.4",
"product": {
"name": "None.d3-array-1.2.4",
"product_id": "None.d3-array-1.2.4",
"product_identification_helper": {
"purl": "pkg:npm/d3-array@1.2.4"
}
}
},
{
"category": "product_version",
"name": "None.d3-scale-2.2.2",
"product": {
"name": "None.d3-scale-2.2.2",
"product_id": "None.d3-scale-2.2.2",
"product_identification_helper": {
"purl": "pkg:npm/d3-scale@2.2.2"
}
}
},
{
"category": "product_version",
"name": "None.character-entities-1.2.3",
"product": {
"name": "None.character-entities-1.2.3",
"product_id": "None.character-entities-1.2.3",
"product_identification_helper": {
"purl": "pkg:npm/character-entities@1.2.3"
}
}
},
{
"category": "product_version",
"name": "None.bootstrap-slider-10.6.1",
"product": {
"name": "None.bootstrap-slider-10.6.1",
"product_id": "None.bootstrap-slider-10.6.1",
"product_identification_helper": {
"purl": "pkg:npm/bootstrap-slider@10.6.1"
}
}
},
{
"category": "product_version",
"name": "None.fined-1.2.0",
"product": {
"name": "None.fined-1.2.0",
"product_id": "None.fined-1.2.0",
"product_identification_helper": {
"purl": "pkg:npm/fined@1.2.0"
}
}
},
{
"category": "product_version",
"name": "None.unc-path-regex-0.1.2",
"product": {
"name": "None.unc-path-regex-0.1.2",
"product_id": "None.unc-path-regex-0.1.2",
"product_identification_helper": {
"purl": "pkg:npm/unc-path-regex@0.1.2"
}
}
},
{
"category": "product_version",
"name": "None.d3-fetch-1.1.2",
"product": {
"name": "None.d3-fetch-1.1.2",
"product_id": "None.d3-fetch-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/d3-fetch@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.read-pkg-1.1.0",
"product": {
"name": "None.read-pkg-1.1.0",
"product_id": "None.read-pkg-1.1.0",
"product_identification_helper": {
"purl": "pkg:npm/read-pkg@1.1.0"
}
}
},
{
"category": "product_version",
"name": "None.getobject-0.1.0",
"product": {
"name": "None.getobject-0.1.0",
"product_id": "None.getobject-0.1.0",
"product_identification_helper": {
"purl": "pkg:npm/getobject@0.1.0"
}
}
},
{
"category": "product_version",
"name": "None.d3-time-format-2.1.3",
"product": {
"name": "None.d3-time-format-2.1.3",
"product_id": "None.d3-time-format-2.1.3",
"product_identification_helper": {
"purl": "pkg:npm/d3-time-format@2.1.3"
}
}
},
{
"category": "product_version",
"name": "None.d3-polygon-1.0.5",
"product": {
"name": "None.d3-polygon-1.0.5",
"product_id": "None.d3-polygon-1.0.5",
"product_identification_helper": {
"purl": "pkg:npm/d3-polygon@1.0.5"
}
}
},
{
"category": "product_version",
"name": "None.postcss-media-query-parser-0.2.3",
"product": {
"name": "None.postcss-media-query-parser-0.2.3",
"product_id": "None.postcss-media-query-parser-0.2.3",
"product_identification_helper": {
"purl": "pkg:npm/postcss-media-query-parser@0.2.3"
}
}
},
{
"category": "product_version",
"name": "None.write-stream-0.4.3",
"product": {
"name": "None.write-stream-0.4.3",
"product_id": "None.write-stream-0.4.3",
"product_identification_helper": {
"purl": "pkg:npm/write-stream@0.4.3"
}
}
},
{
"category": "product_version",
"name": "@types.d3-zoom-1.7.1",
"product": {
"name": "@types.d3-zoom-1.7.1",
"product_id": "@types.d3-zoom-1.7.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-zoom@1.7.1"
}
}
},
{
"category": "product_version",
"name": "None.is-hexadecimal-1.0.3",
"product": {
"name": "None.is-hexadecimal-1.0.3",
"product_id": "None.is-hexadecimal-1.0.3",
"product_identification_helper": {
"purl": "pkg:npm/is-hexadecimal@1.0.3"
}
}
},
{
"category": "product_version",
"name": "None.d3-quadtree-1.0.6",
"product": {
"name": "None.d3-quadtree-1.0.6",
"product_id": "None.d3-quadtree-1.0.6",
"product_identification_helper": {
"purl": "pkg:npm/d3-quadtree@1.0.6"
}
}
},
{
"category": "product_version",
"name": "@types.d3-transition-1.1.1",
"product": {
"name": "@types.d3-transition-1.1.1",
"product_id": "@types.d3-transition-1.1.1",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-transition@1.1.1"
}
}
},
{
"category": "product_version",
"name": "None.clone-buffer-1.0.0",
"product": {
"name": "None.clone-buffer-1.0.0",
"product_id": "None.clone-buffer-1.0.0",
"product_identification_helper": {
"purl": "pkg:npm/clone-buffer@1.0.0"
}
}
},
{
"category": "product_version",
"name": "None.grunt-css-count-0.3.2",
"product": {
"name": "None.grunt-css-count-0.3.2",
"product_id": "None.grunt-css-count-0.3.2",
"product_identification_helper": {
"purl": "pkg:npm/grunt-css-count@0.3.2"
}
}
},
{
"category": "product_version",
"name": "None.datatables.net-buttons-1.5.6",
"product": {
"name": "None.datatables.net-buttons-1.5.6",
"product_id": "None.datatables.net-buttons-1.5.6",
"product_identification_helper": {
"purl": "pkg:npm/datatables.net-buttons@1.5.6"
}
}
},
{
"category": "product_version",
"name": "None.acorn-globals-1.0.9",
"product": {
"name": "None.acorn-globals-1.0.9",
"product_id": "None.acorn-globals-1.0.9",
"product_identification_helper": {
"purl": "pkg:npm/acorn-globals@1.0.9"
}
}
},
{
"category": "product_version",
"name": "None.find-up-1.1.2",
"product": {
"name": "None.find-up-1.1.2",
"product_id": "None.find-up-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/find-up@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.js-cookie-2.2.0",
"product": {
"name": "None.js-cookie-2.2.0",
"product_id": "None.js-cookie-2.2.0",
"product_identification_helper": {
"purl": "pkg:npm/js-cookie@2.2.0"
}
}
},
{
"category": "product_version",
"name": "None.fast-future-1.0.2",
"product": {
"name": "None.fast-future-1.0.2",
"product_id": "None.fast-future-1.0.2",
"product_identification_helper": {
"purl": "pkg:npm/fast-future@1.0.2"
}
}
},
{
"category": "product_version",
"name": "None.postcss-resolve-nested-selector-0.1.1",
"product": {
"name": "None.postcss-resolve-nested-selector-0.1.1",
"product_id": "None.postcss-resolve-nested-selector-0.1.1",
"product_identification_helper": {
"purl": "pkg:npm/postcss-resolve-nested-selector@0.1.1"
}
}
},
{
"category": "product_version",
"name": "None.whatwg-fetch-3.0.0",
"product": {
"name": "None.whatwg-fetch-3.0.0",
"product_id": "None.whatwg-fetch-3.0.0",
"product_identification_helper": {
"purl": "pkg:npm/whatwg-fetch@3.0.0"
}
}
},
{
"category": "product_version",
"name": "@types.d3-format-1.3.0",
"product": {
"name": "@types.d3-format-1.3.0",
"product_id": "@types.d3-format-1.3.0",
"product_identification_helper": {
"purl": "pkg:npm/%40types/d3-format@1.3.0"
}
}
},
{
"category": "product_version",
"name": "None.grunt-contrib-less-2.0.0",
"product": {
"name": "None.grunt-contrib-less-2.0.0",
"product_id": "None.grunt-contrib-less-2.0.0",
"product_identification_helper": {
"purl": "pkg:npm/grunt-contrib-less@2.0.0"
}
}
},
{
"category": "product_version",
"name": "None.rechoir-0.6.2",
"product": {
"name": "None.rechoir-0.6.2",
"product_id": "None.rechoir-0.6.2",
"product_identification_helper": {
"purl": "pkg:npm/rechoir@0.6.2"
}
}
},
{
"category": "product_version",
"name": "None.raw-body-1.1.7",
"product": {
"name": "None.raw-body-1.1.7",
"product_id": "None.raw-body-1.1.7",
"product_identification_helper": {
"purl": "pkg:npm/raw-body@1.1.7"
}
}
},
{
"category": "product_version",
"name": "None.trim-0.0.1",
"product": {
"name": "None.trim-0.0.1",
"product_id": "None.trim-0.0.1",
"product_identification_helper": {
"purl": "pkg:npm/trim@0.0.1"
}
}
},
{
"category": "product_version",
"name": "None.fill-range-7.0.1",
"product": {
"name": "None.fill-range-7.0.1",
"product_id": "None.fill-range-7.0.1",
"product_identification_helper": {
"purl": "pkg:npm/fill-range@7.0.1"
}
}
},
{
"category": "product_version",
"name": "None.delegate-3.2.0",
"product": {
"name": "None.delegate-3.2.0",
"product_id": "None.delegate-3.2.0",
"product_identification_helper": {
"purl": "pkg:npm/delegate@3.2.0"
}
}
},
{
"category": "product_version",
"name": "None.select-1.1.2",
"product": {
"name": "None.select-1.1.2",
"product_id": "None.select-1.1.2",
"product_identification_helper": {
"purl": "pkg:npm/select@1.1.2"
}
}
},
{
"category": "product_version",
"name": "None.tiny-emitter-2.1.0",
"product": {
"name": "None.tiny-emitter-2.1.0",
"product_id": "None.tiny-emitter-2.1.0",
"product_identification_helper": {
"purl": "pkg:npm/tiny-emitter@2.1.0"
}
}
},
{
"category": "product_version",
"name": "None.good-listener-1.2.2",
"product": {
"name": "None.good-listener-1.2.2",
"product_id": "None.good-listener-1.2.2",
"product_identification_helper": {
"purl": "pkg:npm/good-listener@1.2.2"
}
}
},
{
"category": "product_version",
"name": "None.minimist-1.2.6",
"product": {
"name": "None.minimist-1.2.6",
"product_id": "None.minimist-1.2.6",
"product_identification_helper": {
"purl": "pkg:npm/minimist@1.2.6"
}
}
},
{
"category": "product_version",
"name": "None.clipboard-2.0.11",
"product": {
"name": "None.clipboard-2.0.11",
"product_id": "None.clipboard-2.0.11",
"product_identification_helper": {
"purl": "pkg:npm/clipboard@2.0.11"
}
}
},
{
"category": "product_version",
"name": "None.moment-2.29.4",
"product": {
"name": "None.moment-2.29.4",
"product_id": "None.moment-2.29.4",
"product_identification_helper": {
"purl": "pkg:npm/moment@2.29.4"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.code-frame-7.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0"
},
"product_reference": "@babel.code-frame-7.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.core-7.4.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5"
},
"product_reference": "@babel.core-7.4.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.generator-7.4.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4"
},
"product_reference": "@babel.generator-7.4.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.helper-function-name-7.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0"
},
"product_reference": "@babel.helper-function-name-7.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.helper-get-function-arity-7.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0"
},
"product_reference": "@babel.helper-get-function-arity-7.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.helper-split-export-declaration-7.4.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4"
},
"product_reference": "@babel.helper-split-export-declaration-7.4.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.helpers-7.4.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4"
},
"product_reference": "@babel.helpers-7.4.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.highlight-7.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0"
},
"product_reference": "@babel.highlight-7.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.parser-7.4.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5"
},
"product_reference": "@babel.parser-7.4.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.template-7.4.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4"
},
"product_reference": "@babel.template-7.4.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.traverse-7.4.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5"
},
"product_reference": "@babel.traverse-7.4.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@babel.types-7.4.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4"
},
"product_reference": "@babel.types-7.4.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@mrmlnc.readdir-enhanced-2.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1"
},
"product_reference": "@mrmlnc.readdir-enhanced-2.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@nodelib.fs.stat-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3"
},
"product_reference": "@nodelib.fs.stat-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.c3-0.6.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0"
},
"product_reference": "@types.c3-0.6.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-4.13.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0"
},
"product_reference": "@types.d3-4.13.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-array-1.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1"
},
"product_reference": "@types.d3-array-1.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-axis-1.0.10 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10"
},
"product_reference": "@types.d3-axis-1.0.10",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-brush-1.0.8 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8"
},
"product_reference": "@types.d3-brush-1.0.8",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-chord-1.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7"
},
"product_reference": "@types.d3-chord-1.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-collection-1.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7"
},
"product_reference": "@types.d3-collection-1.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-color-1.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1"
},
"product_reference": "@types.d3-color-1.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-dispatch-1.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6"
},
"product_reference": "@types.d3-dispatch-1.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-drag-1.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1"
},
"product_reference": "@types.d3-drag-1.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-dsv-1.0.33 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33"
},
"product_reference": "@types.d3-dsv-1.0.33",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-ease-1.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7"
},
"product_reference": "@types.d3-ease-1.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-force-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1"
},
"product_reference": "@types.d3-force-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-format-1.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0"
},
"product_reference": "@types.d3-format-1.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-geo-1.10.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3"
},
"product_reference": "@types.d3-geo-1.10.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-hierarchy-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2"
},
"product_reference": "@types.d3-hierarchy-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-interpolate-1.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0"
},
"product_reference": "@types.d3-interpolate-1.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-path-1.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7"
},
"product_reference": "@types.d3-path-1.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-polygon-1.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6"
},
"product_reference": "@types.d3-polygon-1.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-quadtree-1.0.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5"
},
"product_reference": "@types.d3-quadtree-1.0.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-queue-3.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6"
},
"product_reference": "@types.d3-queue-3.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-random-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1"
},
"product_reference": "@types.d3-random-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-request-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2"
},
"product_reference": "@types.d3-request-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-scale-1.0.13 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13"
},
"product_reference": "@types.d3-scale-1.0.13",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-selection-1.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1"
},
"product_reference": "@types.d3-selection-1.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-shape-1.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3"
},
"product_reference": "@types.d3-shape-1.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-time-1.0.8 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8"
},
"product_reference": "@types.d3-time-1.0.8",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-time-format-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0"
},
"product_reference": "@types.d3-time-format-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-timer-1.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7"
},
"product_reference": "@types.d3-timer-1.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-transition-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1"
},
"product_reference": "@types.d3-transition-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-voronoi-1.1.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7"
},
"product_reference": "@types.d3-voronoi-1.1.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.d3-zoom-1.7.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1"
},
"product_reference": "@types.d3-zoom-1.7.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.events-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0"
},
"product_reference": "@types.events-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.geojson-7946.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3"
},
"product_reference": "@types.geojson-7946.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.glob-7.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1"
},
"product_reference": "@types.glob-7.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.minimatch-3.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3"
},
"product_reference": "@types.minimatch-3.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.node-12.0.10 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10"
},
"product_reference": "@types.node-12.0.10",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.unist-2.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3"
},
"product_reference": "@types.unist-2.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.vfile-3.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2"
},
"product_reference": "@types.vfile-3.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "@types.vfile-message-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1"
},
"product_reference": "@types.vfile-message-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.abab-1.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4"
},
"product_reference": "None.abab-1.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.abbrev-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1"
},
"product_reference": "None.abbrev-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.abstract-leveldown-6.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3"
},
"product_reference": "None.abstract-leveldown-6.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ace-builds-1.4.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5"
},
"product_reference": "None.ace-builds-1.4.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.acorn-2.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0"
},
"product_reference": "None.acorn-2.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.acorn-globals-1.0.9 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9"
},
"product_reference": "None.acorn-globals-1.0.9",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ajv-6.10.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0"
},
"product_reference": "None.ajv-6.10.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.amdefine-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1"
},
"product_reference": "None.amdefine-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ansi-regex-2.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1"
},
"product_reference": "None.ansi-regex-2.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ansi-regex-4.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0"
},
"product_reference": "None.ansi-regex-4.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ansi-styles-2.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1"
},
"product_reference": "None.ansi-styles-2.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ansi-styles-3.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1"
},
"product_reference": "None.ansi-styles-3.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.aproba-1.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0"
},
"product_reference": "None.aproba-1.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.are-we-there-yet-1.1.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5"
},
"product_reference": "None.are-we-there-yet-1.1.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.argparse-1.0.10 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10"
},
"product_reference": "None.argparse-1.0.10",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.argsarray-0.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1"
},
"product_reference": "None.argsarray-0.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.arr-diff-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0"
},
"product_reference": "None.arr-diff-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.arr-flatten-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0"
},
"product_reference": "None.arr-flatten-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.arr-union-3.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0"
},
"product_reference": "None.arr-union-3.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.array-each-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1"
},
"product_reference": "None.array-each-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.array-find-index-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2"
},
"product_reference": "None.array-find-index-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.array-slice-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0"
},
"product_reference": "None.array-slice-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.array-union-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2"
},
"product_reference": "None.array-union-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.array-uniq-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3"
},
"product_reference": "None.array-uniq-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.array-unique-0.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2"
},
"product_reference": "None.array-unique-0.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.arrify-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1"
},
"product_reference": "None.arrify-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.artemis-service.exe-None as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None"
},
"product_reference": "None.artemis-service.exe-None",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.asap-2.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6"
},
"product_reference": "None.asap-2.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.asn1-0.2.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4"
},
"product_reference": "None.asn1-0.2.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.assert-plus-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0"
},
"product_reference": "None.assert-plus-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.assign-symbols-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0"
},
"product_reference": "None.assign-symbols-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.astral-regex-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0"
},
"product_reference": "None.astral-regex-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.async-1.5.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.async-1.5.2"
},
"product_reference": "None.async-1.5.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.async-2.6.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.async-2.6.2"
},
"product_reference": "None.async-2.6.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.asynckit-0.4.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0"
},
"product_reference": "None.asynckit-0.4.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.atob-2.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2"
},
"product_reference": "None.atob-2.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.autocompleter-4.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2"
},
"product_reference": "None.autocompleter-4.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.autoprefixer-9.6.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0"
},
"product_reference": "None.autoprefixer-9.6.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.aws-sign2-0.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0"
},
"product_reference": "None.aws-sign2-0.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.aws4-1.8.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0"
},
"product_reference": "None.aws4-1.8.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.babel-code-frame-6.26.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0"
},
"product_reference": "None.babel-code-frame-6.26.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.babel-generator-6.26.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1"
},
"product_reference": "None.babel-generator-6.26.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.babel-messages-6.23.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0"
},
"product_reference": "None.babel-messages-6.23.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.babel-runtime-6.26.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0"
},
"product_reference": "None.babel-runtime-6.26.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.babel-traverse-6.26.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0"
},
"product_reference": "None.babel-traverse-6.26.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.babel-types-6.26.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0"
},
"product_reference": "None.babel-types-6.26.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.babylon-6.18.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0"
},
"product_reference": "None.babylon-6.18.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bail-1.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4"
},
"product_reference": "None.bail-1.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.balanced-match-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0"
},
"product_reference": "None.balanced-match-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.base-0.11.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.base-0.11.2"
},
"product_reference": "None.base-0.11.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bcrypt-pbkdf-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2"
},
"product_reference": "None.bcrypt-pbkdf-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.body-5.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.body-5.1.0"
},
"product_reference": "None.body-5.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.boolbase-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0"
},
"product_reference": "None.boolbase-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-3.3.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7"
},
"product_reference": "None.bootstrap-3.3.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-3.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1"
},
"product_reference": "None.bootstrap-3.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-datepicker-1.8.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0"
},
"product_reference": "None.bootstrap-datepicker-1.8.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-datepicker-1.9.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0"
},
"product_reference": "None.bootstrap-datepicker-1.9.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-sass-3.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1"
},
"product_reference": "None.bootstrap-sass-3.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-select-1.12.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2"
},
"product_reference": "None.bootstrap-select-1.12.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-select-1.13.10 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10"
},
"product_reference": "None.bootstrap-select-1.13.10",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-slider-10.6.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1"
},
"product_reference": "None.bootstrap-slider-10.6.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-slider-9.10.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0"
},
"product_reference": "None.bootstrap-slider-9.10.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-switch-3.3.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4"
},
"product_reference": "None.bootstrap-switch-3.3.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-switch-3.3.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5"
},
"product_reference": "None.bootstrap-switch-3.3.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bootstrap-touchspin-3.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1"
},
"product_reference": "None.bootstrap-touchspin-3.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.brace-expansion-1.1.11 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11"
},
"product_reference": "None.brace-expansion-1.1.11",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.braces-2.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2"
},
"product_reference": "None.braces-2.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.braces-3.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2"
},
"product_reference": "None.braces-3.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.browserslist-4.6.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3"
},
"product_reference": "None.browserslist-4.6.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.buffer-from-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0"
},
"product_reference": "None.buffer-from-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.bytes-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0"
},
"product_reference": "None.bytes-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.c3-0.4.23 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23"
},
"product_reference": "None.c3-0.4.23",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.c3-0.7.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1"
},
"product_reference": "None.c3-0.7.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.cache-base-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1"
},
"product_reference": "None.cache-base-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.call-me-maybe-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1"
},
"product_reference": "None.call-me-maybe-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.caller-callsite-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0"
},
"product_reference": "None.caller-callsite-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.caller-path-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0"
},
"product_reference": "None.caller-path-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.callsites-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0"
},
"product_reference": "None.callsites-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.camelcase-2.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1"
},
"product_reference": "None.camelcase-2.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.camelcase-4.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0"
},
"product_reference": "None.camelcase-4.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.camelcase-keys-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0"
},
"product_reference": "None.camelcase-keys-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.camelcase-keys-4.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0"
},
"product_reference": "None.camelcase-keys-4.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.caniuse-lite-1.0.30000978 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978"
},
"product_reference": "None.caniuse-lite-1.0.30000978",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.caseless-0.12.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0"
},
"product_reference": "None.caseless-0.12.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ccount-1.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4"
},
"product_reference": "None.ccount-1.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.chalk-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3"
},
"product_reference": "None.chalk-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.chalk-2.4.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2"
},
"product_reference": "None.chalk-2.4.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.character-entities-1.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3"
},
"product_reference": "None.character-entities-1.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.character-entities-html4-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3"
},
"product_reference": "None.character-entities-html4-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.character-entities-legacy-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3"
},
"product_reference": "None.character-entities-legacy-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.character-reference-invalid-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3"
},
"product_reference": "None.character-reference-invalid-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.cheerio-0.20.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0"
},
"product_reference": "None.cheerio-0.20.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.cheerio-1.0.0-rc.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2"
},
"product_reference": "None.cheerio-1.0.0-rc.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.chownr-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1"
},
"product_reference": "None.chownr-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.class-utils-0.3.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6"
},
"product_reference": "None.class-utils-0.3.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.clean-css-4.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1"
},
"product_reference": "None.clean-css-4.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.clipboard-2.0.11 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11"
},
"product_reference": "None.clipboard-2.0.11",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.clone-2.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2"
},
"product_reference": "None.clone-2.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.clone-buffer-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0"
},
"product_reference": "None.clone-buffer-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.clone-regexp-2.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0"
},
"product_reference": "None.clone-regexp-2.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.code-point-at-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0"
},
"product_reference": "None.code-point-at-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.coffeescript-1.10.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0"
},
"product_reference": "None.coffeescript-1.10.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.collapse-white-space-1.0.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5"
},
"product_reference": "None.collapse-white-space-1.0.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.collection-visit-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0"
},
"product_reference": "None.collection-visit-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.color-convert-1.9.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3"
},
"product_reference": "None.color-convert-1.9.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.color-logger-0.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3"
},
"product_reference": "None.color-logger-0.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.color-logger-0.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6"
},
"product_reference": "None.color-logger-0.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.color-name-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3"
},
"product_reference": "None.color-name-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.colors-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2"
},
"product_reference": "None.colors-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.combined-stream-1.0.8 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8"
},
"product_reference": "None.combined-stream-1.0.8",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.commander-2.20.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0"
},
"product_reference": "None.commander-2.20.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.component-emitter-1.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0"
},
"product_reference": "None.component-emitter-1.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.concat-map-0.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1"
},
"product_reference": "None.concat-map-0.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.console-control-strings-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0"
},
"product_reference": "None.console-control-strings-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.continuable-cache-0.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1"
},
"product_reference": "None.continuable-cache-0.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.convert-source-map-1.6.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0"
},
"product_reference": "None.convert-source-map-1.6.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.copy-descriptor-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1"
},
"product_reference": "None.copy-descriptor-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.core-js-0.9.18 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18"
},
"product_reference": "None.core-js-0.9.18",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.core-js-2.6.9 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9"
},
"product_reference": "None.core-js-2.6.9",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.core-util-is-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2"
},
"product_reference": "None.core-util-is-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.cosmiconfig-5.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1"
},
"product_reference": "None.cosmiconfig-5.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.css-2.2.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.css-2.2.4"
},
"product_reference": "None.css-2.2.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.css-parse-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0"
},
"product_reference": "None.css-parse-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.css-select-1.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0"
},
"product_reference": "None.css-select-1.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.css-unit-converter-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1"
},
"product_reference": "None.css-unit-converter-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.css-what-2.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3"
},
"product_reference": "None.css-what-2.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.cssom-0.3.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6"
},
"product_reference": "None.cssom-0.3.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.cssstyle-0.2.37 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37"
},
"product_reference": "None.cssstyle-0.2.37",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.currently-unhandled-0.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1"
},
"product_reference": "None.currently-unhandled-0.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-3.5.17 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17"
},
"product_reference": "None.d3-3.5.17",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-5.9.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2"
},
"product_reference": "None.d3-5.9.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-array-1.2.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4"
},
"product_reference": "None.d3-array-1.2.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-axis-1.0.12 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12"
},
"product_reference": "None.d3-axis-1.0.12",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-brush-1.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6"
},
"product_reference": "None.d3-brush-1.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-chord-1.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6"
},
"product_reference": "None.d3-chord-1.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-collection-1.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7"
},
"product_reference": "None.d3-collection-1.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-color-1.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3"
},
"product_reference": "None.d3-color-1.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-contour-1.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2"
},
"product_reference": "None.d3-contour-1.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-dispatch-1.0.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5"
},
"product_reference": "None.d3-dispatch-1.0.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-drag-1.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3"
},
"product_reference": "None.d3-drag-1.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-dsv-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1"
},
"product_reference": "None.d3-dsv-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-ease-1.0.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5"
},
"product_reference": "None.d3-ease-1.0.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-fetch-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2"
},
"product_reference": "None.d3-fetch-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-force-1.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1"
},
"product_reference": "None.d3-force-1.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-format-1.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2"
},
"product_reference": "None.d3-format-1.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-geo-1.11.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6"
},
"product_reference": "None.d3-geo-1.11.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-hierarchy-1.1.8 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8"
},
"product_reference": "None.d3-hierarchy-1.1.8",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-interpolate-1.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2"
},
"product_reference": "None.d3-interpolate-1.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-path-1.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7"
},
"product_reference": "None.d3-path-1.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-polygon-1.0.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5"
},
"product_reference": "None.d3-polygon-1.0.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-quadtree-1.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6"
},
"product_reference": "None.d3-quadtree-1.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-random-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2"
},
"product_reference": "None.d3-random-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-scale-2.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2"
},
"product_reference": "None.d3-scale-2.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-scale-chromatic-1.3.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3"
},
"product_reference": "None.d3-scale-chromatic-1.3.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-selection-1.4.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0"
},
"product_reference": "None.d3-selection-1.4.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-shape-1.3.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5"
},
"product_reference": "None.d3-shape-1.3.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-time-1.0.11 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11"
},
"product_reference": "None.d3-time-1.0.11",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-time-format-2.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3"
},
"product_reference": "None.d3-time-format-2.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-timer-1.0.9 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9"
},
"product_reference": "None.d3-timer-1.0.9",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-transition-1.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0"
},
"product_reference": "None.d3-transition-1.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-voronoi-1.1.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4"
},
"product_reference": "None.d3-voronoi-1.1.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.d3-zoom-1.7.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3"
},
"product_reference": "None.d3-zoom-1.7.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.dashdash-1.14.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1"
},
"product_reference": "None.dashdash-1.14.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-1.10.16 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16"
},
"product_reference": "None.datatables.net-1.10.16",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-1.10.19 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19"
},
"product_reference": "None.datatables.net-1.10.19",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-bs-1.10.16 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16"
},
"product_reference": "None.datatables.net-bs-1.10.16",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-buttons-1.5.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6"
},
"product_reference": "None.datatables.net-buttons-1.5.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-colreorder-1.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1"
},
"product_reference": "None.datatables.net-colreorder-1.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-colreorder-bs-1.3.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3"
},
"product_reference": "None.datatables.net-colreorder-bs-1.3.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-keytable-2.5.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0"
},
"product_reference": "None.datatables.net-keytable-2.5.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-select-1.2.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7"
},
"product_reference": "None.datatables.net-select-1.2.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.datatables.net-select-1.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0"
},
"product_reference": "None.datatables.net-select-1.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.dateformat-1.0.12 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12"
},
"product_reference": "None.dateformat-1.0.12",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.debug-2.6.9 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9"
},
"product_reference": "None.debug-2.6.9",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.debug-3.2.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6"
},
"product_reference": "None.debug-3.2.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.debug-4.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1"
},
"product_reference": "None.debug-4.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.decamelize-1.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0"
},
"product_reference": "None.decamelize-1.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.decamelize-keys-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0"
},
"product_reference": "None.decamelize-keys-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.decode-uri-component-0.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0"
},
"product_reference": "None.decode-uri-component-0.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.deep-is-0.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3"
},
"product_reference": "None.deep-is-0.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.deferred-leveldown-5.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1"
},
"product_reference": "None.deferred-leveldown-5.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.define-property-0.2.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5"
},
"product_reference": "None.define-property-0.2.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.define-property-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0"
},
"product_reference": "None.define-property-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.define-property-2.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2"
},
"product_reference": "None.define-property-2.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.delayed-stream-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0"
},
"product_reference": "None.delayed-stream-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.delegate-3.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0"
},
"product_reference": "None.delegate-3.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.delegates-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0"
},
"product_reference": "None.delegates-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.detect-file-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0"
},
"product_reference": "None.detect-file-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.detect-indent-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0"
},
"product_reference": "None.detect-indent-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.diff-3.5.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0"
},
"product_reference": "None.diff-3.5.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.dir-glob-2.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2"
},
"product_reference": "None.dir-glob-2.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.dom-serializer-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1"
},
"product_reference": "None.dom-serializer-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.domelementtype-1.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1"
},
"product_reference": "None.domelementtype-1.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.domhandler-2.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0"
},
"product_reference": "None.domhandler-2.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.domhandler-2.4.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2"
},
"product_reference": "None.domhandler-2.4.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.domutils-1.5.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1"
},
"product_reference": "None.domutils-1.5.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.dot-prop-4.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0"
},
"product_reference": "None.dot-prop-4.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.double-ended-queue-2.1.0-0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0"
},
"product_reference": "None.double-ended-queue-2.1.0-0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.drmonty-datatables-colvis-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2"
},
"product_reference": "None.drmonty-datatables-colvis-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.duplexer-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1"
},
"product_reference": "None.duplexer-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ecc-jsbn-0.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2"
},
"product_reference": "None.ecc-jsbn-0.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.electron-to-chromium-1.3.174 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174"
},
"product_reference": "None.electron-to-chromium-1.3.174",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.emoji-regex-7.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3"
},
"product_reference": "None.emoji-regex-7.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.emoji-regex-8.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0"
},
"product_reference": "None.emoji-regex-8.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.encoding-down-6.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0"
},
"product_reference": "None.encoding-down-6.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.end-stream-0.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0"
},
"product_reference": "None.end-stream-0.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.entities-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0"
},
"product_reference": "None.entities-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.entities-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2"
},
"product_reference": "None.entities-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.env-paths-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0"
},
"product_reference": "None.env-paths-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.eonasdan-bootstrap-datetimepicker-4.17.47 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47"
},
"product_reference": "None.eonasdan-bootstrap-datetimepicker-4.17.47",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.errno-0.1.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7"
},
"product_reference": "None.errno-0.1.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.error-7.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.error-7.0.2"
},
"product_reference": "None.error-7.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.error-ex-1.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2"
},
"product_reference": "None.error-ex-1.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.es6-denodeify-0.1.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5"
},
"product_reference": "None.es6-denodeify-0.1.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.escape-html-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2"
},
"product_reference": "None.escape-html-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.escape-html-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3"
},
"product_reference": "None.escape-html-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.escape-string-regexp-1.0.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5"
},
"product_reference": "None.escape-string-regexp-1.0.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.escodegen-1.11.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1"
},
"product_reference": "None.escodegen-1.11.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.escodegen-1.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0"
},
"product_reference": "None.escodegen-1.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.esdoc-0.4.8 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8"
},
"product_reference": "None.esdoc-0.4.8",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.esdoc-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0"
},
"product_reference": "None.esdoc-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.espree-2.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0"
},
"product_reference": "None.espree-2.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.esprima-1.2.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5"
},
"product_reference": "None.esprima-1.2.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.esprima-3.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3"
},
"product_reference": "None.esprima-3.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.esprima-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1"
},
"product_reference": "None.esprima-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.estraverse-1.9.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3"
},
"product_reference": "None.estraverse-1.9.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.estraverse-4.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0"
},
"product_reference": "None.estraverse-4.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.estraverse-4.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0"
},
"product_reference": "None.estraverse-4.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.esutils-2.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2"
},
"product_reference": "None.esutils-2.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.eventemitter2-0.4.14 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14"
},
"product_reference": "None.eventemitter2-0.4.14",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.execall-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0"
},
"product_reference": "None.execall-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.exit-0.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2"
},
"product_reference": "None.exit-0.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.expand-brackets-2.1.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4"
},
"product_reference": "None.expand-brackets-2.1.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.expand-tilde-2.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2"
},
"product_reference": "None.expand-tilde-2.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.extend-3.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2"
},
"product_reference": "None.extend-3.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.extend-shallow-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1"
},
"product_reference": "None.extend-shallow-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.extend-shallow-3.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2"
},
"product_reference": "None.extend-shallow-3.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.extglob-2.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4"
},
"product_reference": "None.extglob-2.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.extsprintf-1.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0"
},
"product_reference": "None.extsprintf-1.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fast-deep-equal-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1"
},
"product_reference": "None.fast-deep-equal-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fast-future-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2"
},
"product_reference": "None.fast-future-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fast-glob-2.2.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7"
},
"product_reference": "None.fast-glob-2.2.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fast-json-stable-stringify-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0"
},
"product_reference": "None.fast-json-stable-stringify-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fast-levenshtein-1.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7"
},
"product_reference": "None.fast-levenshtein-1.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fast-levenshtein-2.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6"
},
"product_reference": "None.fast-levenshtein-2.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.faye-websocket-0.10.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0"
},
"product_reference": "None.faye-websocket-0.10.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fetch-cookie-0.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0"
},
"product_reference": "None.fetch-cookie-0.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.figures-1.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0"
},
"product_reference": "None.figures-1.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.file-entry-cache-5.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1"
},
"product_reference": "None.file-entry-cache-5.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.file-sync-cmp-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1"
},
"product_reference": "None.file-sync-cmp-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fill-range-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0"
},
"product_reference": "None.fill-range-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fill-range-7.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1"
},
"product_reference": "None.fill-range-7.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.find-up-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2"
},
"product_reference": "None.find-up-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.find-up-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0"
},
"product_reference": "None.find-up-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.findup-sync-0.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0"
},
"product_reference": "None.findup-sync-0.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.findup-sync-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0"
},
"product_reference": "None.findup-sync-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fined-1.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0"
},
"product_reference": "None.fined-1.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.flagged-respawn-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1"
},
"product_reference": "None.flagged-respawn-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.flat-cache-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1"
},
"product_reference": "None.flat-cache-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.flatted-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1"
},
"product_reference": "None.flatted-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.font-awesome-4.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0"
},
"product_reference": "None.font-awesome-4.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.font-awesome-sass-4.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0"
},
"product_reference": "None.font-awesome-sass-4.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.for-in-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2"
},
"product_reference": "None.for-in-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.for-own-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0"
},
"product_reference": "None.for-own-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.forever-agent-0.6.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1"
},
"product_reference": "None.forever-agent-0.6.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.form-data-2.3.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3"
},
"product_reference": "None.form-data-2.3.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fragment-cache-0.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1"
},
"product_reference": "None.fragment-cache-0.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fs-extra-0.26.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5"
},
"product_reference": "None.fs-extra-0.26.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fs-extra-5.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0"
},
"product_reference": "None.fs-extra-5.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fs-minipass-1.2.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6"
},
"product_reference": "None.fs-minipass-1.2.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.fs.realpath-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0"
},
"product_reference": "None.fs.realpath-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.gauge-2.7.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4"
},
"product_reference": "None.gauge-2.7.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.gaze-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3"
},
"product_reference": "None.gaze-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.get-stdin-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1"
},
"product_reference": "None.get-stdin-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.get-stdin-7.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0"
},
"product_reference": "None.get-stdin-7.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.get-value-2.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6"
},
"product_reference": "None.get-value-2.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.getobject-0.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0"
},
"product_reference": "None.getobject-0.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.getpass-0.1.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7"
},
"product_reference": "None.getpass-0.1.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.glob-5.0.15 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15"
},
"product_reference": "None.glob-5.0.15",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.glob-7.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6"
},
"product_reference": "None.glob-7.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.glob-7.1.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4"
},
"product_reference": "None.glob-7.1.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.glob-parent-3.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0"
},
"product_reference": "None.glob-parent-3.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.glob-to-regexp-0.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0"
},
"product_reference": "None.glob-to-regexp-0.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.global-modules-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0"
},
"product_reference": "None.global-modules-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.global-modules-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0"
},
"product_reference": "None.global-modules-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.global-prefix-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2"
},
"product_reference": "None.global-prefix-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.global-prefix-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0"
},
"product_reference": "None.global-prefix-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.globals-11.12.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0"
},
"product_reference": "None.globals-11.12.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.globals-9.18.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0"
},
"product_reference": "None.globals-9.18.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.globby-9.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0"
},
"product_reference": "None.globby-9.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.globjoin-0.1.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4"
},
"product_reference": "None.globjoin-0.1.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.globule-1.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1"
},
"product_reference": "None.globule-1.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.gonzales-pe-4.2.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4"
},
"product_reference": "None.gonzales-pe-4.2.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.good-listener-1.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2"
},
"product_reference": "None.good-listener-1.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.google-code-prettify-1.0.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5"
},
"product_reference": "None.google-code-prettify-1.0.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.graceful-fs-4.1.15 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15"
},
"product_reference": "None.graceful-fs-4.1.15",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-1.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4"
},
"product_reference": "None.grunt-1.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-cli-1.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0"
},
"product_reference": "None.grunt-cli-1.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-cli-1.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2"
},
"product_reference": "None.grunt-cli-1.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-contrib-clean-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0"
},
"product_reference": "None.grunt-contrib-clean-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-contrib-concat-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1"
},
"product_reference": "None.grunt-contrib-concat-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-contrib-copy-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0"
},
"product_reference": "None.grunt-contrib-copy-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-contrib-cssmin-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0"
},
"product_reference": "None.grunt-contrib-cssmin-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-contrib-less-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0"
},
"product_reference": "None.grunt-contrib-less-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-contrib-watch-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0"
},
"product_reference": "None.grunt-contrib-watch-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-css-count-0.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2"
},
"product_reference": "None.grunt-css-count-0.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-esdoc-0.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4"
},
"product_reference": "None.grunt-esdoc-0.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-known-options-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1"
},
"product_reference": "None.grunt-known-options-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-legacy-log-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0"
},
"product_reference": "None.grunt-legacy-log-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-legacy-log-utils-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1"
},
"product_reference": "None.grunt-legacy-log-utils-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-legacy-util-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1"
},
"product_reference": "None.grunt-legacy-util-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-postcss-0.9.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0"
},
"product_reference": "None.grunt-postcss-0.9.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.grunt-stylelint-0.11.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0"
},
"product_reference": "None.grunt-stylelint-0.11.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.gzip-size-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0"
},
"product_reference": "None.gzip-size-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.har-schema-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0"
},
"product_reference": "None.har-schema-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.har-validator-5.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3"
},
"product_reference": "None.har-validator-5.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.has-ansi-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0"
},
"product_reference": "None.has-ansi-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.has-flag-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0"
},
"product_reference": "None.has-flag-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.has-unicode-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1"
},
"product_reference": "None.has-unicode-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.has-value-0.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1"
},
"product_reference": "None.has-value-0.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.has-value-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0"
},
"product_reference": "None.has-value-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.has-values-0.1.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4"
},
"product_reference": "None.has-values-0.1.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.has-values-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0"
},
"product_reference": "None.has-values-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.homedir-polyfill-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3"
},
"product_reference": "None.homedir-polyfill-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.hooker-0.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3"
},
"product_reference": "None.hooker-0.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.hosted-git-info-2.7.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1"
},
"product_reference": "None.hosted-git-info-2.7.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.html-tags-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0"
},
"product_reference": "None.html-tags-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.htmlparser2-3.10.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1"
},
"product_reference": "None.htmlparser2-3.10.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.htmlparser2-3.8.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3"
},
"product_reference": "None.htmlparser2-3.8.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.http-parser-js-0.4.10 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10"
},
"product_reference": "None.http-parser-js-0.4.10",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.http-signature-1.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0"
},
"product_reference": "None.http-signature-1.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ice-cap-0.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4"
},
"product_reference": "None.ice-cap-0.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.iconv-lite-0.4.24 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24"
},
"product_reference": "None.iconv-lite-0.4.24",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ignore-4.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6"
},
"product_reference": "None.ignore-4.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ignore-5.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2"
},
"product_reference": "None.ignore-5.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.image-size-0.5.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5"
},
"product_reference": "None.image-size-0.5.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.immediate-3.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6"
},
"product_reference": "None.immediate-3.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.immediate-3.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3"
},
"product_reference": "None.immediate-3.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.import-fresh-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0"
},
"product_reference": "None.import-fresh-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.import-lazy-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0"
},
"product_reference": "None.import-lazy-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.imurmurhash-0.1.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4"
},
"product_reference": "None.imurmurhash-0.1.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.indent-string-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0"
},
"product_reference": "None.indent-string-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.indent-string-3.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0"
},
"product_reference": "None.indent-string-3.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.indexes-of-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1"
},
"product_reference": "None.indexes-of-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.inflight-1.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6"
},
"product_reference": "None.inflight-1.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.inherits-2.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3"
},
"product_reference": "None.inherits-2.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ini-1.3.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5"
},
"product_reference": "None.ini-1.3.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.interpret-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0"
},
"product_reference": "None.interpret-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.invariant-2.2.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4"
},
"product_reference": "None.invariant-2.2.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-absolute-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0"
},
"product_reference": "None.is-absolute-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-accessor-descriptor-0.1.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6"
},
"product_reference": "None.is-accessor-descriptor-0.1.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-accessor-descriptor-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0"
},
"product_reference": "None.is-accessor-descriptor-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-alphabetical-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3"
},
"product_reference": "None.is-alphabetical-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-alphanumeric-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0"
},
"product_reference": "None.is-alphanumeric-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-alphanumerical-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3"
},
"product_reference": "None.is-alphanumerical-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-arrayish-0.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1"
},
"product_reference": "None.is-arrayish-0.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-buffer-1.1.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6"
},
"product_reference": "None.is-buffer-1.1.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-buffer-2.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3"
},
"product_reference": "None.is-buffer-2.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-data-descriptor-0.1.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4"
},
"product_reference": "None.is-data-descriptor-0.1.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-data-descriptor-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0"
},
"product_reference": "None.is-data-descriptor-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-decimal-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3"
},
"product_reference": "None.is-decimal-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-descriptor-0.1.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6"
},
"product_reference": "None.is-descriptor-0.1.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-descriptor-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2"
},
"product_reference": "None.is-descriptor-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-directory-0.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1"
},
"product_reference": "None.is-directory-0.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-extendable-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1"
},
"product_reference": "None.is-extendable-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-extendable-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1"
},
"product_reference": "None.is-extendable-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-extglob-2.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1"
},
"product_reference": "None.is-extglob-2.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-finite-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2"
},
"product_reference": "None.is-finite-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-fullwidth-code-point-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0"
},
"product_reference": "None.is-fullwidth-code-point-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-fullwidth-code-point-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0"
},
"product_reference": "None.is-fullwidth-code-point-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-fullwidth-code-point-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0"
},
"product_reference": "None.is-fullwidth-code-point-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-glob-3.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0"
},
"product_reference": "None.is-glob-3.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-glob-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1"
},
"product_reference": "None.is-glob-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-hexadecimal-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3"
},
"product_reference": "None.is-hexadecimal-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-number-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0"
},
"product_reference": "None.is-number-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-number-7.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0"
},
"product_reference": "None.is-number-7.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-obj-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1"
},
"product_reference": "None.is-obj-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-plain-obj-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0"
},
"product_reference": "None.is-plain-obj-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-plain-object-2.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4"
},
"product_reference": "None.is-plain-object-2.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-regexp-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0"
},
"product_reference": "None.is-regexp-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-relative-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0"
},
"product_reference": "None.is-relative-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-typedarray-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0"
},
"product_reference": "None.is-typedarray-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-unc-path-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0"
},
"product_reference": "None.is-unc-path-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-utf8-0.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1"
},
"product_reference": "None.is-utf8-0.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-whitespace-character-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3"
},
"product_reference": "None.is-whitespace-character-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-windows-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2"
},
"product_reference": "None.is-windows-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.is-word-character-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3"
},
"product_reference": "None.is-word-character-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.isarray-0.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1"
},
"product_reference": "None.isarray-0.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.isarray-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0"
},
"product_reference": "None.isarray-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.isexe-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0"
},
"product_reference": "None.isexe-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.isobject-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0"
},
"product_reference": "None.isobject-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.isobject-3.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1"
},
"product_reference": "None.isobject-3.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.isstream-0.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2"
},
"product_reference": "None.isstream-0.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jansi.dll-None as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None"
},
"product_reference": "None.jansi.dll-None",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jboss-eap-7.4.7-runtime-maven-repository.zip-None as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None"
},
"product_reference": "None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jquery-3.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1"
},
"product_reference": "None.jquery-3.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jquery-3.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1"
},
"product_reference": "None.jquery-3.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jquery-match-height-0.7.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2"
},
"product_reference": "None.jquery-match-height-0.7.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.js-cookie-2.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0"
},
"product_reference": "None.js-cookie-2.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.js-tokens-3.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2"
},
"product_reference": "None.js-tokens-3.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.js-tokens-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0"
},
"product_reference": "None.js-tokens-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.js-yaml-3.13.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1"
},
"product_reference": "None.js-yaml-3.13.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jsbn-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1"
},
"product_reference": "None.jsbn-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jsdom-7.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2"
},
"product_reference": "None.jsdom-7.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jsesc-1.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0"
},
"product_reference": "None.jsesc-1.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jsesc-2.5.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2"
},
"product_reference": "None.jsesc-2.5.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.json-parse-better-errors-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2"
},
"product_reference": "None.json-parse-better-errors-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.json-schema-0.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3"
},
"product_reference": "None.json-schema-0.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.json-schema-traverse-0.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1"
},
"product_reference": "None.json-schema-traverse-0.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.json-stringify-safe-5.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1"
},
"product_reference": "None.json-stringify-safe-5.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.json5-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0"
},
"product_reference": "None.json5-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jsonfile-2.4.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0"
},
"product_reference": "None.jsonfile-2.4.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jsonfile-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0"
},
"product_reference": "None.jsonfile-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jsprim-1.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1"
},
"product_reference": "None.jsprim-1.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.jstree-3.3.8 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8"
},
"product_reference": "None.jstree-3.3.8",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.kind-of-3.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2"
},
"product_reference": "None.kind-of-3.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.kind-of-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0"
},
"product_reference": "None.kind-of-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.kind-of-5.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0"
},
"product_reference": "None.kind-of-5.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.kind-of-6.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2"
},
"product_reference": "None.kind-of-6.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.klaw-1.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1"
},
"product_reference": "None.klaw-1.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.known-css-properties-0.14.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0"
},
"product_reference": "None.known-css-properties-0.14.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.less-3.9.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.less-3.9.0"
},
"product_reference": "None.less-3.9.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.level-5.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.level-5.0.1"
},
"product_reference": "None.level-5.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.level-codec-9.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1"
},
"product_reference": "None.level-codec-9.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.level-concat-iterator-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1"
},
"product_reference": "None.level-concat-iterator-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.level-errors-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1"
},
"product_reference": "None.level-errors-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.level-iterator-stream-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1"
},
"product_reference": "None.level-iterator-stream-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.level-js-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1"
},
"product_reference": "None.level-js-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.level-packager-5.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2"
},
"product_reference": "None.level-packager-5.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.level-write-stream-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0"
},
"product_reference": "None.level-write-stream-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.leveldown-5.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2"
},
"product_reference": "None.leveldown-5.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.levelup-4.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2"
},
"product_reference": "None.levelup-4.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.leven-3.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0"
},
"product_reference": "None.leven-3.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.levn-0.2.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5"
},
"product_reference": "None.levn-0.2.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.levn-0.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0"
},
"product_reference": "None.levn-0.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.libjansi.so-None as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None"
},
"product_reference": "None.libjansi.so-None",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.libnetty_transport_native_epoll_x86_64.so-None as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None"
},
"product_reference": "None.libnetty_transport_native_epoll_x86_64.so-None",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.liftoff-2.5.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0"
},
"product_reference": "None.liftoff-2.5.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.livereload-js-2.4.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0"
},
"product_reference": "None.livereload-js-2.4.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.load-json-file-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0"
},
"product_reference": "None.load-json-file-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.load-json-file-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0"
},
"product_reference": "None.load-json-file-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.locate-path-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0"
},
"product_reference": "None.locate-path-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.lodash-4.17.11 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11"
},
"product_reference": "None.lodash-4.17.11",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.log-symbols-2.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0"
},
"product_reference": "None.log-symbols-2.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.log-symbols-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0"
},
"product_reference": "None.log-symbols-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.longest-streak-2.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3"
},
"product_reference": "None.longest-streak-2.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.loose-envify-1.4.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0"
},
"product_reference": "None.loose-envify-1.4.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.loud-rejection-1.6.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0"
},
"product_reference": "None.loud-rejection-1.6.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ltgt-2.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1"
},
"product_reference": "None.ltgt-2.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.make-iterator-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1"
},
"product_reference": "None.make-iterator-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.map-cache-0.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2"
},
"product_reference": "None.map-cache-0.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.map-obj-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1"
},
"product_reference": "None.map-obj-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.map-obj-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0"
},
"product_reference": "None.map-obj-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.map-visit-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0"
},
"product_reference": "None.map-visit-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.markdown-escapes-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3"
},
"product_reference": "None.markdown-escapes-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.markdown-table-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3"
},
"product_reference": "None.markdown-table-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.marked-0.3.19 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19"
},
"product_reference": "None.marked-0.3.19",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.marked-0.3.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5"
},
"product_reference": "None.marked-0.3.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.marked-0.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0"
},
"product_reference": "None.marked-0.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.matchdep-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0"
},
"product_reference": "None.matchdep-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.mathml-tag-names-2.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1"
},
"product_reference": "None.mathml-tag-names-2.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.maxmin-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0"
},
"product_reference": "None.maxmin-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.mdast-util-compact-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3"
},
"product_reference": "None.mdast-util-compact-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.meow-3.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0"
},
"product_reference": "None.meow-3.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.meow-5.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0"
},
"product_reference": "None.meow-5.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.merge2-1.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3"
},
"product_reference": "None.merge2-1.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.micromatch-3.1.10 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10"
},
"product_reference": "None.micromatch-3.1.10",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.micromatch-4.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2"
},
"product_reference": "None.micromatch-4.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.mime-1.6.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0"
},
"product_reference": "None.mime-1.6.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.mime-db-1.40.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0"
},
"product_reference": "None.mime-db-1.40.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.mime-types-2.1.24 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24"
},
"product_reference": "None.mime-types-2.1.24",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.minimatch-3.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4"
},
"product_reference": "None.minimatch-3.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.minimist-0.0.8 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8"
},
"product_reference": "None.minimist-0.0.8",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.minimist-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1"
},
"product_reference": "None.minimist-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.minimist-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3"
},
"product_reference": "None.minimist-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.minimist-1.2.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6"
},
"product_reference": "None.minimist-1.2.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.minimist-options-3.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2"
},
"product_reference": "None.minimist-options-3.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.minipass-2.3.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5"
},
"product_reference": "None.minipass-2.3.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.minizlib-1.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1"
},
"product_reference": "None.minizlib-1.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.mixin-deep-1.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2"
},
"product_reference": "None.mixin-deep-1.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.mkdirp-0.5.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1"
},
"product_reference": "None.mkdirp-0.5.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.moment-2.29.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4"
},
"product_reference": "None.moment-2.29.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.moment-timezone-0.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1"
},
"product_reference": "None.moment-timezone-0.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ms-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0"
},
"product_reference": "None.ms-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ms-2.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2"
},
"product_reference": "None.ms-2.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.nanomatch-1.2.13 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13"
},
"product_reference": "None.nanomatch-1.2.13",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.napi-macros-1.8.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2"
},
"product_reference": "None.napi-macros-1.8.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.node-fetch-2.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1"
},
"product_reference": "None.node-fetch-2.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.node-gyp-5.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1"
},
"product_reference": "None.node-gyp-5.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.node-gyp-build-3.8.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0"
},
"product_reference": "None.node-gyp-build-3.8.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.node-releases-1.1.23 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23"
},
"product_reference": "None.node-releases-1.1.23",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.nopt-3.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6"
},
"product_reference": "None.nopt-3.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.nopt-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1"
},
"product_reference": "None.nopt-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.normalize-package-data-2.5.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0"
},
"product_reference": "None.normalize-package-data-2.5.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.normalize-range-0.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2"
},
"product_reference": "None.normalize-range-0.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.normalize-selector-0.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0"
},
"product_reference": "None.normalize-selector-0.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.npmlog-4.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2"
},
"product_reference": "None.npmlog-4.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.nth-check-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2"
},
"product_reference": "None.nth-check-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.num2fraction-1.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2"
},
"product_reference": "None.num2fraction-1.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.number-is-nan-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1"
},
"product_reference": "None.number-is-nan-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.nwmatcher-1.4.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4"
},
"product_reference": "None.nwmatcher-1.4.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.oauth-sign-0.9.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0"
},
"product_reference": "None.oauth-sign-0.9.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.object-assign-4.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1"
},
"product_reference": "None.object-assign-4.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.object-copy-0.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0"
},
"product_reference": "None.object-copy-0.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.object-visit-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1"
},
"product_reference": "None.object-visit-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.object.defaults-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0"
},
"product_reference": "None.object.defaults-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.object.map-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1"
},
"product_reference": "None.object.map-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.object.pick-1.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0"
},
"product_reference": "None.object.pick-1.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.once-1.4.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.once-1.4.0"
},
"product_reference": "None.once-1.4.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.opencollective-postinstall-2.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2"
},
"product_reference": "None.opencollective-postinstall-2.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.optionator-0.5.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0"
},
"product_reference": "None.optionator-0.5.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.optionator-0.8.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2"
},
"product_reference": "None.optionator-0.8.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.os-homedir-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2"
},
"product_reference": "None.os-homedir-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.os-tmpdir-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2"
},
"product_reference": "None.os-tmpdir-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.osenv-0.1.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5"
},
"product_reference": "None.osenv-0.1.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.p-limit-1.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0"
},
"product_reference": "None.p-limit-1.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.p-locate-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0"
},
"product_reference": "None.p-locate-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.p-try-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0"
},
"product_reference": "None.p-try-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.parse-entities-1.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2"
},
"product_reference": "None.parse-entities-1.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.parse-filepath-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2"
},
"product_reference": "None.parse-filepath-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.parse-json-2.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0"
},
"product_reference": "None.parse-json-2.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.parse-json-4.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0"
},
"product_reference": "None.parse-json-4.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.parse-passwd-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0"
},
"product_reference": "None.parse-passwd-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.parse5-1.5.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1"
},
"product_reference": "None.parse5-1.5.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.parse5-3.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3"
},
"product_reference": "None.parse5-3.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pascalcase-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1"
},
"product_reference": "None.pascalcase-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-dirname-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2"
},
"product_reference": "None.path-dirname-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-exists-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0"
},
"product_reference": "None.path-exists-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-exists-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0"
},
"product_reference": "None.path-exists-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-is-absolute-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1"
},
"product_reference": "None.path-is-absolute-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-parse-1.0.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6"
},
"product_reference": "None.path-parse-1.0.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-root-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1"
},
"product_reference": "None.path-root-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-root-regex-0.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2"
},
"product_reference": "None.path-root-regex-0.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-type-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0"
},
"product_reference": "None.path-type-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.path-type-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0"
},
"product_reference": "None.path-type-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.patternfly-3.59.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2"
},
"product_reference": "None.patternfly-3.59.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.patternfly-bootstrap-combobox-1.1.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7"
},
"product_reference": "None.patternfly-bootstrap-combobox-1.1.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.patternfly-bootstrap-treeview-2.1.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5"
},
"product_reference": "None.patternfly-bootstrap-treeview-2.1.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.performance-now-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0"
},
"product_reference": "None.performance-now-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.picomatch-2.0.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7"
},
"product_reference": "None.picomatch-2.0.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pify-2.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0"
},
"product_reference": "None.pify-2.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pify-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0"
},
"product_reference": "None.pify-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pify-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1"
},
"product_reference": "None.pify-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pinkie-2.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4"
},
"product_reference": "None.pinkie-2.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pinkie-promise-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1"
},
"product_reference": "None.pinkie-promise-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pixrem-5.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0"
},
"product_reference": "None.pixrem-5.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pom.xml-None as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pom.xml-None"
},
"product_reference": "None.pom.xml-None",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.posix-character-classes-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1"
},
"product_reference": "None.posix-character-classes-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-6.0.23 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23"
},
"product_reference": "None.postcss-6.0.23",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-7.0.17 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17"
},
"product_reference": "None.postcss-7.0.17",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-html-0.36.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0"
},
"product_reference": "None.postcss-html-0.36.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-jsx-0.36.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1"
},
"product_reference": "None.postcss-jsx-0.36.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-less-3.1.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4"
},
"product_reference": "None.postcss-less-3.1.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-markdown-0.36.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0"
},
"product_reference": "None.postcss-markdown-0.36.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-media-query-parser-0.2.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3"
},
"product_reference": "None.postcss-media-query-parser-0.2.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-reporter-6.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1"
},
"product_reference": "None.postcss-reporter-6.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-resolve-nested-selector-0.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1"
},
"product_reference": "None.postcss-resolve-nested-selector-0.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-safe-parser-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1"
},
"product_reference": "None.postcss-safe-parser-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-sass-0.3.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5"
},
"product_reference": "None.postcss-sass-0.3.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-scss-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0"
},
"product_reference": "None.postcss-scss-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-selector-parser-3.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1"
},
"product_reference": "None.postcss-selector-parser-3.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-syntax-0.36.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2"
},
"product_reference": "None.postcss-syntax-0.36.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.postcss-value-parser-3.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1"
},
"product_reference": "None.postcss-value-parser-3.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pouchdb-7.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1"
},
"product_reference": "None.pouchdb-7.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.prelude-ls-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2"
},
"product_reference": "None.prelude-ls-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.pretty-bytes-3.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1"
},
"product_reference": "None.pretty-bytes-3.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.process-nextick-args-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1"
},
"product_reference": "None.process-nextick-args-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.promise-7.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1"
},
"product_reference": "None.promise-7.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.promise-polyfill-8.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3"
},
"product_reference": "None.promise-polyfill-8.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.prr-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1"
},
"product_reference": "None.prr-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.psl-1.1.33 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33"
},
"product_reference": "None.psl-1.1.33",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.punycode-1.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1"
},
"product_reference": "None.punycode-1.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.punycode-2.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1"
},
"product_reference": "None.punycode-2.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.qs-6.5.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2"
},
"product_reference": "None.qs-6.5.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.quick-lru-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0"
},
"product_reference": "None.quick-lru-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.raw-body-1.1.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7"
},
"product_reference": "None.raw-body-1.1.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.read-pkg-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0"
},
"product_reference": "None.read-pkg-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.read-pkg-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0"
},
"product_reference": "None.read-pkg-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.read-pkg-up-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1"
},
"product_reference": "None.read-pkg-up-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.read-pkg-up-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0"
},
"product_reference": "None.read-pkg-up-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.readable-stream-0.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4"
},
"product_reference": "None.readable-stream-0.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.readable-stream-1.0.33 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33"
},
"product_reference": "None.readable-stream-1.0.33",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.readable-stream-1.1.14 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14"
},
"product_reference": "None.readable-stream-1.1.14",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.readable-stream-2.3.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6"
},
"product_reference": "None.readable-stream-2.3.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.readable-stream-3.4.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0"
},
"product_reference": "None.readable-stream-3.4.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.rechoir-0.6.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2"
},
"product_reference": "None.rechoir-0.6.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.redent-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0"
},
"product_reference": "None.redent-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.redent-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0"
},
"product_reference": "None.redent-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.reduce-css-calc-2.1.6 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6"
},
"product_reference": "None.reduce-css-calc-2.1.6",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.regenerator-runtime-0.11.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1"
},
"product_reference": "None.regenerator-runtime-0.11.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.regex-not-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2"
},
"product_reference": "None.regex-not-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.remark-10.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1"
},
"product_reference": "None.remark-10.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.remark-parse-6.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3"
},
"product_reference": "None.remark-parse-6.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.remark-stringify-6.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4"
},
"product_reference": "None.remark-stringify-6.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.repeat-element-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3"
},
"product_reference": "None.repeat-element-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.repeat-string-1.6.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1"
},
"product_reference": "None.repeat-string-1.6.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.repeating-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1"
},
"product_reference": "None.repeating-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.replace-ext-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0"
},
"product_reference": "None.replace-ext-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.request-2.88.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.request-2.88.0"
},
"product_reference": "None.request-2.88.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.resolve-1.1.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7"
},
"product_reference": "None.resolve-1.1.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.resolve-1.11.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1"
},
"product_reference": "None.resolve-1.11.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.resolve-dir-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1"
},
"product_reference": "None.resolve-dir-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.resolve-from-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0"
},
"product_reference": "None.resolve-from-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.resolve-from-5.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0"
},
"product_reference": "None.resolve-from-5.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.resolve-url-0.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1"
},
"product_reference": "None.resolve-url-0.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.ret-0.1.15 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15"
},
"product_reference": "None.ret-0.1.15",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.rimraf-2.6.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3"
},
"product_reference": "None.rimraf-2.6.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.rw-1.3.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3"
},
"product_reference": "None.rw-1.3.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.safe-buffer-5.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2"
},
"product_reference": "None.safe-buffer-5.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.safe-json-parse-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1"
},
"product_reference": "None.safe-json-parse-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.safe-regex-1.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0"
},
"product_reference": "None.safe-regex-1.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.safer-buffer-2.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2"
},
"product_reference": "None.safer-buffer-2.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.sax-1.2.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4"
},
"product_reference": "None.sax-1.2.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.select-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.select-1.1.2"
},
"product_reference": "None.select-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.semver-5.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0"
},
"product_reference": "None.semver-5.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.semver-5.7.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0"
},
"product_reference": "None.semver-5.7.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.set-blocking-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0"
},
"product_reference": "None.set-blocking-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.set-value-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1"
},
"product_reference": "None.set-value-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.signal-exit-3.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2"
},
"product_reference": "None.signal-exit-3.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.slash-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0"
},
"product_reference": "None.slash-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.slash-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0"
},
"product_reference": "None.slash-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.slice-ansi-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0"
},
"product_reference": "None.slice-ansi-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.snapdragon-0.8.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2"
},
"product_reference": "None.snapdragon-0.8.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.snapdragon-node-2.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1"
},
"product_reference": "None.snapdragon-node-2.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.snapdragon-util-3.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1"
},
"product_reference": "None.snapdragon-util-3.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.source-map-0.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0"
},
"product_reference": "None.source-map-0.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.source-map-0.5.7 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7"
},
"product_reference": "None.source-map-0.5.7",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.source-map-0.6.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1"
},
"product_reference": "None.source-map-0.6.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.source-map-resolve-0.5.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2"
},
"product_reference": "None.source-map-resolve-0.5.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.source-map-url-0.4.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0"
},
"product_reference": "None.source-map-url-0.4.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.spark-md5-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0"
},
"product_reference": "None.spark-md5-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.spdx-correct-3.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0"
},
"product_reference": "None.spdx-correct-3.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.spdx-exceptions-2.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0"
},
"product_reference": "None.spdx-exceptions-2.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.spdx-expression-parse-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0"
},
"product_reference": "None.spdx-expression-parse-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.spdx-license-ids-3.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4"
},
"product_reference": "None.spdx-license-ids-3.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.specificity-0.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1"
},
"product_reference": "None.specificity-0.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.split-string-3.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0"
},
"product_reference": "None.split-string-3.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.sprintf-js-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3"
},
"product_reference": "None.sprintf-js-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.sprintf-js-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2"
},
"product_reference": "None.sprintf-js-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.sshpk-1.16.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1"
},
"product_reference": "None.sshpk-1.16.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.stack-trace-0.0.10 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10"
},
"product_reference": "None.stack-trace-0.0.10",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.state-toggle-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2"
},
"product_reference": "None.state-toggle-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.static-extend-0.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2"
},
"product_reference": "None.static-extend-0.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.string-template-0.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1"
},
"product_reference": "None.string-template-0.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.string-width-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2"
},
"product_reference": "None.string-width-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.string-width-3.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0"
},
"product_reference": "None.string-width-3.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.string-width-4.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0"
},
"product_reference": "None.string-width-4.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.string_decoder-0.10.31 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31"
},
"product_reference": "None.string_decoder-0.10.31",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.string_decoder-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1"
},
"product_reference": "None.string_decoder-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.stringify-entities-1.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2"
},
"product_reference": "None.stringify-entities-1.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.strip-ansi-3.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1"
},
"product_reference": "None.strip-ansi-3.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.strip-ansi-5.2.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0"
},
"product_reference": "None.strip-ansi-5.2.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.strip-bom-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0"
},
"product_reference": "None.strip-bom-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.strip-bom-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0"
},
"product_reference": "None.strip-bom-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.strip-indent-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1"
},
"product_reference": "None.strip-indent-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.strip-indent-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0"
},
"product_reference": "None.strip-indent-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.style-search-0.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0"
},
"product_reference": "None.style-search-0.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.stylelint-10.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0"
},
"product_reference": "None.stylelint-10.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.sugarss-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0"
},
"product_reference": "None.sugarss-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.supports-color-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0"
},
"product_reference": "None.supports-color-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.supports-color-5.5.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0"
},
"product_reference": "None.supports-color-5.5.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.supports-color-6.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0"
},
"product_reference": "None.supports-color-6.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.svg-tags-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0"
},
"product_reference": "None.svg-tags-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.symbol-tree-3.2.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4"
},
"product_reference": "None.symbol-tree-3.2.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.table-5.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.table-5.4.1"
},
"product_reference": "None.table-5.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.taffydb-2.7.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2"
},
"product_reference": "None.taffydb-2.7.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.taffydb-2.7.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3"
},
"product_reference": "None.taffydb-2.7.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.tar-4.4.10 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10"
},
"product_reference": "None.tar-4.4.10",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.through2-3.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1"
},
"product_reference": "None.through2-3.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.tiny-emitter-2.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0"
},
"product_reference": "None.tiny-emitter-2.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.tiny-lr-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1"
},
"product_reference": "None.tiny-lr-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.to-fast-properties-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3"
},
"product_reference": "None.to-fast-properties-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.to-fast-properties-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0"
},
"product_reference": "None.to-fast-properties-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.to-object-path-0.3.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0"
},
"product_reference": "None.to-object-path-0.3.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.to-regex-3.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2"
},
"product_reference": "None.to-regex-3.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.to-regex-range-2.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1"
},
"product_reference": "None.to-regex-range-2.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.to-regex-range-5.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1"
},
"product_reference": "None.to-regex-range-5.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.tough-cookie-2.4.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3"
},
"product_reference": "None.tough-cookie-2.4.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.tough-cookie-2.5.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0"
},
"product_reference": "None.tough-cookie-2.5.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.tr46-0.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3"
},
"product_reference": "None.tr46-0.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.trim-0.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1"
},
"product_reference": "None.trim-0.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.trim-newlines-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0"
},
"product_reference": "None.trim-newlines-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.trim-newlines-2.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0"
},
"product_reference": "None.trim-newlines-2.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.trim-right-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1"
},
"product_reference": "None.trim-right-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.trim-trailing-lines-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2"
},
"product_reference": "None.trim-trailing-lines-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.trough-1.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4"
},
"product_reference": "None.trough-1.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.tunnel-agent-0.6.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0"
},
"product_reference": "None.tunnel-agent-0.6.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.tweetnacl-0.14.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5"
},
"product_reference": "None.tweetnacl-0.14.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.type-check-0.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2"
},
"product_reference": "None.type-check-0.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.typedarray-to-buffer-3.1.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5"
},
"product_reference": "None.typedarray-to-buffer-3.1.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unc-path-regex-0.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2"
},
"product_reference": "None.unc-path-regex-0.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.underscore.string-3.3.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5"
},
"product_reference": "None.underscore.string-3.3.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unherit-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2"
},
"product_reference": "None.unherit-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unified-7.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0"
},
"product_reference": "None.unified-7.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.union-value-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1"
},
"product_reference": "None.union-value-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.uniq-1.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1"
},
"product_reference": "None.uniq-1.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unist-util-find-all-after-1.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4"
},
"product_reference": "None.unist-util-find-all-after-1.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unist-util-is-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0"
},
"product_reference": "None.unist-util-is-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unist-util-remove-position-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3"
},
"product_reference": "None.unist-util-remove-position-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unist-util-stringify-position-1.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2"
},
"product_reference": "None.unist-util-stringify-position-1.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unist-util-visit-1.4.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1"
},
"product_reference": "None.unist-util-visit-1.4.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unist-util-visit-parents-2.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2"
},
"product_reference": "None.unist-util-visit-parents-2.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.universalify-0.1.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2"
},
"product_reference": "None.universalify-0.1.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.unset-value-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0"
},
"product_reference": "None.unset-value-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.uri-js-4.2.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2"
},
"product_reference": "None.uri-js-4.2.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.urix-0.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0"
},
"product_reference": "None.urix-0.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.use-3.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.use-3.1.1"
},
"product_reference": "None.use-3.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.util-deprecate-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2"
},
"product_reference": "None.util-deprecate-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.uuid-3.2.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1"
},
"product_reference": "None.uuid-3.2.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.uuid-3.3.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2"
},
"product_reference": "None.uuid-3.3.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.v8flags-3.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3"
},
"product_reference": "None.v8flags-3.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.validate-npm-package-license-3.0.4 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4"
},
"product_reference": "None.validate-npm-package-license-3.0.4",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.verror-1.10.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0"
},
"product_reference": "None.verror-1.10.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.vfile-3.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1"
},
"product_reference": "None.vfile-3.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.vfile-location-2.0.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5"
},
"product_reference": "None.vfile-location-2.0.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.vfile-message-1.1.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1"
},
"product_reference": "None.vfile-message-1.1.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.vuvuzela-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3"
},
"product_reference": "None.vuvuzela-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.webidl-conversions-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1"
},
"product_reference": "None.webidl-conversions-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.websocket-driver-0.7.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3"
},
"product_reference": "None.websocket-driver-0.7.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.websocket-extensions-0.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3"
},
"product_reference": "None.websocket-extensions-0.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.whatwg-fetch-3.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0"
},
"product_reference": "None.whatwg-fetch-3.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.whatwg-url-compat-0.6.5 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5"
},
"product_reference": "None.whatwg-url-compat-0.6.5",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.which-1.3.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.which-1.3.1"
},
"product_reference": "None.which-1.3.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.wide-align-1.1.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3"
},
"product_reference": "None.wide-align-1.1.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.wordwrap-0.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3"
},
"product_reference": "None.wordwrap-0.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.wordwrap-1.0.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0"
},
"product_reference": "None.wordwrap-1.0.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.wrappy-1.0.2 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2"
},
"product_reference": "None.wrappy-1.0.2",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.write-1.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.write-1.0.3"
},
"product_reference": "None.write-1.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.write-stream-0.4.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3"
},
"product_reference": "None.write-stream-0.4.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.x-is-string-0.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0"
},
"product_reference": "None.x-is-string-0.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.xml-name-validator-2.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1"
},
"product_reference": "None.xml-name-validator-2.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.xtend-4.0.1 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1"
},
"product_reference": "None.xtend-4.0.1",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.yallist-3.0.3 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3"
},
"product_reference": "None.yallist-3.0.3",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "None.yargs-parser-10.1.0 as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0"
},
"product_reference": "None.yargs-parser-10.1.0",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "antlr.antlr-2.7.7.redhat-7.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar"
},
"product_reference": "antlr.antlr-2.7.7.redhat-7.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "antlr.antlr-2.7.7.redhat-7.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom"
},
"product_reference": "antlr.antlr-2.7.7.redhat-7.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar"
},
"product_reference": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom"
},
"product_reference": "ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.classmate-1.5.1.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar"
},
"product_reference": "com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.classmate-1.5.1.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom"
},
"product_reference": "com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar"
},
"product_reference": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar"
},
"product_reference": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar"
},
"product_reference": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom"
},
"product_reference": "com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar"
},
"product_reference": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar"
},
"product_reference": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar"
},
"product_reference": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar"
},
"product_reference": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar"
},
"product_reference": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom"
},
"product_reference": "com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar"
},
"product_reference": "com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar"
},
"product_reference": "com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.github.fge.btf-1.2.0.redhat-00007.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar"
},
"product_reference": "com.github.fge.btf-1.2.0.redhat-00007.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar"
},
"product_reference": "com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.github.fge.json-patch-1.9.0.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar"
},
"product_reference": "com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.github.fge.msg-simple-1.1.0.redhat-00007.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar"
},
"product_reference": "com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar"
},
"product_reference": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom"
},
"product_reference": "com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.google.code.gson.gson-2.8.5.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom"
},
"product_reference": "com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.google.code.gson.gson-2.8.9.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar"
},
"product_reference": "com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.google.code.gson.gson-2.8.9.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom"
},
"product_reference": "com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.google.guava.failureaccess-1.0.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar"
},
"product_reference": "com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.google.guava.failureaccess-1.0.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom"
},
"product_reference": "com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.google.guava.guava-30.1.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar"
},
"product_reference": "com.google.guava.guava-30.1.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.google.guava.guava-30.1.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom"
},
"product_reference": "com.google.guava.guava-30.1.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom"
},
"product_reference": "com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar"
},
"product_reference": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom"
},
"product_reference": "com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.h2database.h2-1.4.197.redhat-00004.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar"
},
"product_reference": "com.h2database.h2-1.4.197.redhat-00004.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.h2database.h2-1.4.197.redhat-00004.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom"
},
"product_reference": "com.h2database.h2-1.4.197.redhat-00004.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.h2database.h2-1.4.197.redhat-00004.zip as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip"
},
"product_reference": "com.h2database.h2-1.4.197.redhat-00004.zip",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar"
},
"product_reference": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom"
},
"product_reference": "com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.squareup.protoparser-4.0.3.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom"
},
"product_reference": "com.squareup.protoparser-4.0.3.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar"
},
"product_reference": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom"
},
"product_reference": "com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar"
},
"product_reference": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom"
},
"product_reference": "com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar"
},
"product_reference": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom"
},
"product_reference": "com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar"
},
"product_reference": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom"
},
"product_reference": "com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar"
},
"product_reference": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom"
},
"product_reference": "com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar"
},
"product_reference": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom"
},
"product_reference": "com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar"
},
"product_reference": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom"
},
"product_reference": "com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.bind.jaxb.isorelax-20090621.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom"
},
"product_reference": "com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar"
},
"product_reference": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom"
},
"product_reference": "com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar"
},
"product_reference": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom"
},
"product_reference": "com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar"
},
"product_reference": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom"
},
"product_reference": "commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-cli.commons-cli-1.2.0.redhat-10.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom"
},
"product_reference": "commons-cli.commons-cli-1.2.0.redhat-10.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-cli.commons-cli-1.4.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar"
},
"product_reference": "commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-cli.commons-cli-1.4.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom"
},
"product_reference": "commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-codec.commons-codec-1.11.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom"
},
"product_reference": "commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-codec.commons-codec-1.15.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar"
},
"product_reference": "commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-codec.commons-codec-1.15.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom"
},
"product_reference": "commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-collections.commons-collections-3.2.2.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar"
},
"product_reference": "commons-collections.commons-collections-3.2.2.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-collections.commons-collections-3.2.2.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom"
},
"product_reference": "commons-collections.commons-collections-3.2.2.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-io.commons-io-2.10.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar"
},
"product_reference": "commons-io.commons-io-2.10.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-io.commons-io-2.10.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom"
},
"product_reference": "commons-io.commons-io-2.10.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-io.commons-io-2.8.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom"
},
"product_reference": "commons-io.commons-io-2.8.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-lang.commons-lang-2.6.0.redhat-7.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar"
},
"product_reference": "commons-lang.commons-lang-2.6.0.redhat-7.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-lang.commons-lang-2.6.0.redhat-7.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom"
},
"product_reference": "commons-lang.commons-lang-2.6.0.redhat-7.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "commons-logging.commons-logging-1.2.0.redhat-00004.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom"
},
"product_reference": "commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnu.getopt.java-getopt-1.0.13.redhat-5.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar"
},
"product_reference": "gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnu.getopt.java-getopt-1.0.13.redhat-5.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom"
},
"product_reference": "gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.agroal.agroal-api-1.3.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar"
},
"product_reference": "io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.agroal.agroal-api-1.3.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom"
},
"product_reference": "io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.agroal.agroal-narayana-1.3.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar"
},
"product_reference": "io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.agroal.agroal-narayana-1.3.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom"
},
"product_reference": "io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.agroal.agroal-pool-1.3.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar"
},
"product_reference": "io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.agroal.agroal-pool-1.3.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom"
},
"product_reference": "io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-common-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-handler-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-handler-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar"
},
"product_reference": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar"
},
"product_reference": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom"
},
"product_reference": "io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar"
},
"product_reference": "io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar"
},
"product_reference": "io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar"
},
"product_reference": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom"
},
"product_reference": "io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar"
},
"product_reference": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom"
},
"product_reference": "io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar"
},
"product_reference": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom"
},
"product_reference": "io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar"
},
"product_reference": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom"
},
"product_reference": "io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar"
},
"product_reference": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom"
},
"product_reference": "io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar"
},
"product_reference": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom"
},
"product_reference": "jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar"
},
"product_reference": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom"
},
"product_reference": "jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar"
},
"product_reference": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom"
},
"product_reference": "jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar"
},
"product_reference": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom"
},
"product_reference": "jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar"
},
"product_reference": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom"
},
"product_reference": "jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar"
},
"product_reference": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom"
},
"product_reference": "jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar"
},
"product_reference": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom"
},
"product_reference": "jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar"
},
"product_reference": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom"
},
"product_reference": "javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jaxen.jaxen-1.1.6.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar"
},
"product_reference": "jaxen.jaxen-1.1.6.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jaxen.jaxen-1.1.6.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom"
},
"product_reference": "jaxen.jaxen-1.1.6.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar"
},
"product_reference": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom"
},
"product_reference": "jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "joda-time.joda-time-2.9.7.redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar"
},
"product_reference": "joda-time.joda-time-2.9.7.redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "joda-time.joda-time-2.9.7.redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom"
},
"product_reference": "joda-time.joda-time-2.9.7.redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar"
},
"product_reference": "net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom"
},
"product_reference": "net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "net.java.dev.msv.msv-core-2013.6.1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom"
},
"product_reference": "net.java.dev.msv.msv-core-2013.6.1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "net.java.dev.msv.xsdlib-2013.6.1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom"
},
"product_reference": "net.java.dev.msv.xsdlib-2013.6.1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "net.jcip.jcip-annotations-1.0.0.redhat-8.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar"
},
"product_reference": "net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "net.jcip.jcip-annotations-1.0.0.redhat-8.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom"
},
"product_reference": "net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar"
},
"product_reference": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom"
},
"product_reference": "net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.aesh.aesh-2.4.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar"
},
"product_reference": "org.aesh.aesh-2.4.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.aesh.aesh-2.4.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom"
},
"product_reference": "org.aesh.aesh-2.4.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.aesh.aesh-extensions-1.8.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar"
},
"product_reference": "org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.aesh.aesh-extensions-1.8.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom"
},
"product_reference": "org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.aesh.readline-2.2.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar"
},
"product_reference": "org.aesh.readline-2.2.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.aesh.readline-2.2.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom"
},
"product_reference": "org.aesh.readline-2.2.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.aesh.terminal-api-2.2.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom"
},
"product_reference": "org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar"
},
"product_reference": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom"
},
"product_reference": "org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar"
},
"product_reference": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom"
},
"product_reference": "org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.avro.avro-1.7.6.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar"
},
"product_reference": "org.apache.avro.avro-1.7.6.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.avro.avro-1.7.6.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom"
},
"product_reference": "org.apache.avro.avro-1.7.6.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar"
},
"product_reference": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom"
},
"product_reference": "org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar"
},
"product_reference": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom"
},
"product_reference": "org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar"
},
"product_reference": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom"
},
"product_reference": "org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar"
},
"product_reference": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom"
},
"product_reference": "org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom"
},
"product_reference": "org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar"
},
"product_reference": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom"
},
"product_reference": "org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar"
},
"product_reference": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom"
},
"product_reference": "org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar"
},
"product_reference": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom"
},
"product_reference": "org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.james.apache-mime4j-0.6.0.redhat-7.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar"
},
"product_reference": "org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.james.apache-mime4j-0.6.0.redhat-7.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom"
},
"product_reference": "org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar"
},
"product_reference": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom"
},
"product_reference": "org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar"
},
"product_reference": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom"
},
"product_reference": "org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar"
},
"product_reference": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom"
},
"product_reference": "org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-core-5.5.5.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar"
},
"product_reference": "org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-core-5.5.5.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom"
},
"product_reference": "org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar"
},
"product_reference": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom"
},
"product_reference": "org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar"
},
"product_reference": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom"
},
"product_reference": "org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar"
},
"product_reference": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom"
},
"product_reference": "org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar"
},
"product_reference": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom"
},
"product_reference": "org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.neethi.neethi-3.1.1.redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar"
},
"product_reference": "org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.neethi.neethi-3.1.1.redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom"
},
"product_reference": "org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar"
},
"product_reference": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom"
},
"product_reference": "org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar"
},
"product_reference": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom"
},
"product_reference": "org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar"
},
"product_reference": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom"
},
"product_reference": "org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar"
},
"product_reference": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom"
},
"product_reference": "org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar"
},
"product_reference": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom"
},
"product_reference": "org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar"
},
"product_reference": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom"
},
"product_reference": "org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar"
},
"product_reference": "org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar"
},
"product_reference": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom"
},
"product_reference": "org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar"
},
"product_reference": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom"
},
"product_reference": "org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar"
},
"product_reference": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom"
},
"product_reference": "org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar"
},
"product_reference": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom"
},
"product_reference": "org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar"
},
"product_reference": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom"
},
"product_reference": "org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar"
},
"product_reference": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom"
},
"product_reference": "org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar"
},
"product_reference": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom"
},
"product_reference": "org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom"
},
"product_reference": "org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar"
},
"product_reference": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom"
},
"product_reference": "org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar"
},
"product_reference": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom"
},
"product_reference": "org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar"
},
"product_reference": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom"
},
"product_reference": "org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar"
},
"product_reference": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom"
},
"product_reference": "org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar"
},
"product_reference": "org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar"
},
"product_reference": "org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar"
},
"product_reference": "org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar"
},
"product_reference": "org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar"
},
"product_reference": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom"
},
"product_reference": "org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar"
},
"product_reference": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom"
},
"product_reference": "org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.cryptacular.cryptacular-1.2.4.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar"
},
"product_reference": "org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.cryptacular.cryptacular-1.2.4.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom"
},
"product_reference": "org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.dom4j.dom4j-2.1.3.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar"
},
"product_reference": "org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.dom4j.dom4j-2.1.3.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom"
},
"product_reference": "org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar"
},
"product_reference": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom"
},
"product_reference": "org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar"
},
"product_reference": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom"
},
"product_reference": "org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar"
},
"product_reference": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom"
},
"product_reference": "org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.eclipse.yasson-1.0.10.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar"
},
"product_reference": "org.eclipse.yasson-1.0.10.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.eclipse.yasson-1.0.10.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom"
},
"product_reference": "org.eclipse.yasson-1.0.10.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom"
},
"product_reference": "org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar"
},
"product_reference": "org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom"
},
"product_reference": "org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom"
},
"product_reference": "org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom"
},
"product_reference": "org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jakarta.el-3.0.3.redhat-00007.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar"
},
"product_reference": "org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jakarta.el-3.0.3.redhat-00007.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom"
},
"product_reference": "org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar"
},
"product_reference": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom"
},
"product_reference": "org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jakarta.json-1.1.6.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar"
},
"product_reference": "org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jakarta.json-1.1.6.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom"
},
"product_reference": "org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar"
},
"product_reference": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom"
},
"product_reference": "org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar"
},
"product_reference": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom"
},
"product_reference": "org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar"
},
"product_reference": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom"
},
"product_reference": "org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar"
},
"product_reference": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom"
},
"product_reference": "org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar"
},
"product_reference": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom"
},
"product_reference": "org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar"
},
"product_reference": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom"
},
"product_reference": "org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar"
},
"product_reference": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom"
},
"product_reference": "org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar"
},
"product_reference": "org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar"
},
"product_reference": "org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar"
},
"product_reference": "org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar"
},
"product_reference": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom"
},
"product_reference": "org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar"
},
"product_reference": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom"
},
"product_reference": "org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar"
},
"product_reference": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom"
},
"product_reference": "org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar"
},
"product_reference": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom"
},
"product_reference": "org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar"
},
"product_reference": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom"
},
"product_reference": "org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar"
},
"product_reference": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom"
},
"product_reference": "org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar"
},
"product_reference": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom"
},
"product_reference": "org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar"
},
"product_reference": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom"
},
"product_reference": "org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar"
},
"product_reference": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom"
},
"product_reference": "org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar"
},
"product_reference": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom"
},
"product_reference": "org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jasypt.jasypt-1.9.3.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar"
},
"product_reference": "org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jasypt.jasypt-1.9.3.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom"
},
"product_reference": "org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.javassist.javassist-3.26.0.GA-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom"
},
"product_reference": "org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.javassist.javassist-3.27.0.GA-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar"
},
"product_reference": "org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.javassist.javassist-3.27.0.GA-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom"
},
"product_reference": "org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar"
},
"product_reference": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom"
},
"product_reference": "org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar"
},
"product_reference": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom"
},
"product_reference": "org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar"
},
"product_reference": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom"
},
"product_reference": "org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar"
},
"product_reference": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom"
},
"product_reference": "org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jandex-2.4.2.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jandex-2.4.2.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar"
},
"product_reference": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom"
},
"product_reference": "org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar"
},
"product_reference": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom"
},
"product_reference": "org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar"
},
"product_reference": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom"
},
"product_reference": "org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar"
},
"product_reference": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom"
},
"product_reference": "org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar"
},
"product_reference": "org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom"
},
"product_reference": "org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar"
},
"product_reference": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar"
},
"product_reference": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom"
},
"product_reference": "org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar"
},
"product_reference": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom"
},
"product_reference": "org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar"
},
"product_reference": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom"
},
"product_reference": "org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar"
},
"product_reference": "org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar"
},
"product_reference": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom"
},
"product_reference": "org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar"
},
"product_reference": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom"
},
"product_reference": "org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar"
},
"product_reference": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom"
},
"product_reference": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar"
},
"product_reference": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom"
},
"product_reference": "org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.staxmapper-1.3.0.Final-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar"
},
"product_reference": "org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.staxmapper-1.3.0.Final-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom"
},
"product_reference": "org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar"
},
"product_reference": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom"
},
"product_reference": "org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar"
},
"product_reference": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom"
},
"product_reference": "org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar"
},
"product_reference": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom"
},
"product_reference": "org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar"
},
"product_reference": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom"
},
"product_reference": "org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar"
},
"product_reference": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom"
},
"product_reference": "org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar"
},
"product_reference": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom"
},
"product_reference": "org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jctools.jctools-core-2.1.2.redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar"
},
"product_reference": "org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jctools.jctools-core-2.1.2.redhat-00003.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom"
},
"product_reference": "org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jctools.jctools-core-3.1.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom"
},
"product_reference": "org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar"
},
"product_reference": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom"
},
"product_reference": "org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar"
},
"product_reference": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom"
},
"product_reference": "org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar"
},
"product_reference": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom"
},
"product_reference": "org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jsoup.jsoup-1.14.2.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar"
},
"product_reference": "org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jsoup.jsoup-1.14.2.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom"
},
"product_reference": "org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar"
},
"product_reference": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom"
},
"product_reference": "org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-core-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-core-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar"
},
"product_reference": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom"
},
"product_reference": "org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.ow2.asm.asm-9.1.0.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar"
},
"product_reference": "org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.ow2.asm.asm-util-9.1.0.redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar"
},
"product_reference": "org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar"
},
"product_reference": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar"
},
"product_reference": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom"
},
"product_reference": "org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar"
},
"product_reference": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom"
},
"product_reference": "org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar"
},
"product_reference": "org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar"
},
"product_reference": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom"
},
"product_reference": "org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar"
},
"product_reference": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom"
},
"product_reference": "org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar"
},
"product_reference": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom"
},
"product_reference": "org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar"
},
"product_reference": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom"
},
"product_reference": "org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar"
},
"product_reference": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom"
},
"product_reference": "org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar"
},
"product_reference": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom"
},
"product_reference": "org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar"
},
"product_reference": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom"
},
"product_reference": "org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar"
},
"product_reference": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom"
},
"product_reference": "org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar"
},
"product_reference": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom"
},
"product_reference": "org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar"
},
"product_reference": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom"
},
"product_reference": "org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar"
},
"product_reference": "org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom"
},
"product_reference": "org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.slf4j.slf4j-api-1.7.22.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar"
},
"product_reference": "org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.slf4j.slf4j-api-1.7.22.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom"
},
"product_reference": "org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.slf4j.slf4j-api-1.7.30.redhat-00004.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom"
},
"product_reference": "org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.slf4j.slf4j-ext-1.7.22.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar"
},
"product_reference": "org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.slf4j.slf4j-ext-1.7.22.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom"
},
"product_reference": "org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar"
},
"product_reference": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar"
},
"product_reference": "org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar"
},
"product_reference": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom"
},
"product_reference": "org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar"
},
"product_reference": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom"
},
"product_reference": "org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar"
},
"product_reference": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom"
},
"product_reference": "org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar"
},
"product_reference": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom"
},
"product_reference": "org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar"
},
"product_reference": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom"
},
"product_reference": "org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.yaml.snakeyaml-1.31.0.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar"
},
"product_reference": "org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "org.yaml.snakeyaml-1.31.0.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom"
},
"product_reference": "org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wsdl4j.wsdl4j-1.6.3.redhat-2.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar"
},
"product_reference": "wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wsdl4j.wsdl4j-1.6.3.redhat-2.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom"
},
"product_reference": "wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan.serializer-2.7.1.redhat-00013.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar"
},
"product_reference": "xalan.serializer-2.7.1.redhat-00013.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan.serializer-2.7.1.redhat-00013.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom"
},
"product_reference": "xalan.serializer-2.7.1.redhat-00013.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan.xalan-2.7.1.redhat-00013.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar"
},
"product_reference": "xalan.xalan-2.7.1.redhat-00013.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan.xalan-2.7.1.redhat-00013.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom"
},
"product_reference": "xalan.xalan-2.7.1.redhat-00013.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar"
},
"product_reference": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom"
},
"product_reference": "xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-resolver.xml-resolver-1.2.0.redhat-12.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar"
},
"product_reference": "xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-resolver.xml-resolver-1.2.0.redhat-12.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom"
},
"product_reference": "xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xom.xom-1.3.7.redhat-00001.jar as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar"
},
"product_reference": "xom.xom-1.3.7.redhat-00001.jar",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xom.xom-1.3.7.redhat-00001.pom as a component of Red Hat JBoss Enterprise Application Platform ",
"product_id": "Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
},
"product_reference": "xom.xom-1.3.7.redhat-00001.pom",
"relates_to_product_reference": "Red Hat JBoss Enterprise Application Platform "
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar"
],
"known_not_affected": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:46:28+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar"
],
"known_not_affected": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:46:28+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar"
],
"known_not_affected": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:46:28+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6825"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform :@babel.code-frame-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.core-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.generator-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-function-name-7.1.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-get-function-arity-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.helper-split-export-declaration-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.helpers-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.highlight-7.0.0",
"Red Hat JBoss Enterprise Application Platform :@babel.parser-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.template-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@babel.traverse-7.4.5",
"Red Hat JBoss Enterprise Application Platform :@babel.types-7.4.4",
"Red Hat JBoss Enterprise Application Platform :@mrmlnc.readdir-enhanced-2.2.1",
"Red Hat JBoss Enterprise Application Platform :@nodelib.fs.stat-1.1.3",
"Red Hat JBoss Enterprise Application Platform :@types.c3-0.6.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-4.13.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-array-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-axis-1.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.d3-brush-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-chord-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-color-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dispatch-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-drag-1.2.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-dsv-1.0.33",
"Red Hat JBoss Enterprise Application Platform :@types.d3-ease-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-force-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-format-1.3.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-geo-1.10.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-hierarchy-1.1.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-interpolate-1.2.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-polygon-1.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-quadtree-1.0.5",
"Red Hat JBoss Enterprise Application Platform :@types.d3-queue-3.0.6",
"Red Hat JBoss Enterprise Application Platform :@types.d3-random-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-request-1.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.d3-scale-1.0.13",
"Red Hat JBoss Enterprise Application Platform :@types.d3-selection-1.3.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-shape-1.2.3",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-1.0.8",
"Red Hat JBoss Enterprise Application Platform :@types.d3-time-format-2.1.0",
"Red Hat JBoss Enterprise Application Platform :@types.d3-timer-1.0.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-transition-1.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.d3-voronoi-1.1.7",
"Red Hat JBoss Enterprise Application Platform :@types.d3-zoom-1.7.1",
"Red Hat JBoss Enterprise Application Platform :@types.events-3.0.0",
"Red Hat JBoss Enterprise Application Platform :@types.geojson-7946.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.glob-7.1.1",
"Red Hat JBoss Enterprise Application Platform :@types.minimatch-3.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.node-12.0.10",
"Red Hat JBoss Enterprise Application Platform :@types.unist-2.0.3",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-3.0.2",
"Red Hat JBoss Enterprise Application Platform :@types.vfile-message-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.abab-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.abbrev-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.abstract-leveldown-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ace-builds-1.4.5",
"Red Hat JBoss Enterprise Application Platform :None.acorn-2.7.0",
"Red Hat JBoss Enterprise Application Platform :None.acorn-globals-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.ajv-6.10.0",
"Red Hat JBoss Enterprise Application Platform :None.amdefine-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-regex-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ansi-styles-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.aproba-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.are-we-there-yet-1.1.5",
"Red Hat JBoss Enterprise Application Platform :None.argparse-1.0.10",
"Red Hat JBoss Enterprise Application Platform :None.argsarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.arr-diff-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-flatten-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.arr-union-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-each-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.array-find-index-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-slice-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.array-union-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.array-uniq-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.array-unique-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.arrify-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.artemis-service.exe-None",
"Red Hat JBoss Enterprise Application Platform :None.asap-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.asn1-0.2.4",
"Red Hat JBoss Enterprise Application Platform :None.assert-plus-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.assign-symbols-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.astral-regex-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.async-1.5.2",
"Red Hat JBoss Enterprise Application Platform :None.async-2.6.2",
"Red Hat JBoss Enterprise Application Platform :None.asynckit-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.atob-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.autocompleter-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.autoprefixer-9.6.0",
"Red Hat JBoss Enterprise Application Platform :None.aws-sign2-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.aws4-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-code-frame-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-generator-6.26.1",
"Red Hat JBoss Enterprise Application Platform :None.babel-messages-6.23.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-runtime-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-traverse-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babel-types-6.26.0",
"Red Hat JBoss Enterprise Application Platform :None.babylon-6.18.0",
"Red Hat JBoss Enterprise Application Platform :None.bail-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.balanced-match-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.base-0.11.2",
"Red Hat JBoss Enterprise Application Platform :None.bcrypt-pbkdf-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.body-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.boolbase-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.3.7",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.8.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-datepicker-1.9.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-sass-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.12.2",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-select-1.13.10",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-10.6.1",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-slider-9.10.0",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.4",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-switch-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.bootstrap-touchspin-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.brace-expansion-1.1.11",
"Red Hat JBoss Enterprise Application Platform :None.braces-2.3.2",
"Red Hat JBoss Enterprise Application Platform :None.braces-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.browserslist-4.6.3",
"Red Hat JBoss Enterprise Application Platform :None.buffer-from-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.bytes-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.4.23",
"Red Hat JBoss Enterprise Application Platform :None.c3-0.7.1",
"Red Hat JBoss Enterprise Application Platform :None.cache-base-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.call-me-maybe-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.caller-callsite-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.caller-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.callsites-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.camelcase-keys-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.caniuse-lite-1.0.30000978",
"Red Hat JBoss Enterprise Application Platform :None.caseless-0.12.0",
"Red Hat JBoss Enterprise Application Platform :None.ccount-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.chalk-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.chalk-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-html4-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-entities-legacy-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.character-reference-invalid-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-0.20.0",
"Red Hat JBoss Enterprise Application Platform :None.cheerio-1.0.0-rc.2",
"Red Hat JBoss Enterprise Application Platform :None.chownr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.class-utils-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.clean-css-4.2.1",
"Red Hat JBoss Enterprise Application Platform :None.clipboard-2.0.11",
"Red Hat JBoss Enterprise Application Platform :None.clone-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.clone-buffer-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.clone-regexp-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.code-point-at-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.coffeescript-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.collapse-white-space-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.collection-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.color-convert-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.color-logger-0.0.6",
"Red Hat JBoss Enterprise Application Platform :None.color-name-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.colors-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.combined-stream-1.0.8",
"Red Hat JBoss Enterprise Application Platform :None.commander-2.20.0",
"Red Hat JBoss Enterprise Application Platform :None.component-emitter-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.concat-map-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.console-control-strings-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.continuable-cache-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.convert-source-map-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.copy-descriptor-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.core-js-0.9.18",
"Red Hat JBoss Enterprise Application Platform :None.core-js-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.core-util-is-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.cosmiconfig-5.2.1",
"Red Hat JBoss Enterprise Application Platform :None.css-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.css-parse-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.css-select-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.css-unit-converter-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.css-what-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.cssom-0.3.6",
"Red Hat JBoss Enterprise Application Platform :None.cssstyle-0.2.37",
"Red Hat JBoss Enterprise Application Platform :None.currently-unhandled-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-3.5.17",
"Red Hat JBoss Enterprise Application Platform :None.d3-5.9.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-array-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-axis-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.d3-brush-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-chord-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-collection-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-color-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-contour-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-dispatch-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-drag-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-dsv-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-ease-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-fetch-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-force-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.d3-format-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-geo-1.11.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-hierarchy-1.1.8",
"Red Hat JBoss Enterprise Application Platform :None.d3-interpolate-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-path-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.d3-polygon-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-quadtree-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.d3-random-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.d3-scale-chromatic-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-selection-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-shape-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-1.0.11",
"Red Hat JBoss Enterprise Application Platform :None.d3-time-format-2.1.3",
"Red Hat JBoss Enterprise Application Platform :None.d3-timer-1.0.9",
"Red Hat JBoss Enterprise Application Platform :None.d3-transition-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.d3-voronoi-1.1.4",
"Red Hat JBoss Enterprise Application Platform :None.d3-zoom-1.7.3",
"Red Hat JBoss Enterprise Application Platform :None.dashdash-1.14.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-1.10.19",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-bs-1.10.16",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-buttons-1.5.6",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-colreorder-bs-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-keytable-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.2.7",
"Red Hat JBoss Enterprise Application Platform :None.datatables.net-select-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.dateformat-1.0.12",
"Red Hat JBoss Enterprise Application Platform :None.debug-2.6.9",
"Red Hat JBoss Enterprise Application Platform :None.debug-3.2.6",
"Red Hat JBoss Enterprise Application Platform :None.debug-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.decamelize-keys-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.decode-uri-component-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.deep-is-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.deferred-leveldown-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.define-property-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.define-property-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.define-property-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.delayed-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.delegate-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.delegates-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-file-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.detect-indent-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.diff-3.5.0",
"Red Hat JBoss Enterprise Application Platform :None.dir-glob-2.2.2",
"Red Hat JBoss Enterprise Application Platform :None.dom-serializer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.domelementtype-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.domhandler-2.4.2",
"Red Hat JBoss Enterprise Application Platform :None.domutils-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.dot-prop-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.double-ended-queue-2.1.0-0",
"Red Hat JBoss Enterprise Application Platform :None.drmonty-datatables-colvis-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.duplexer-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.ecc-jsbn-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.electron-to-chromium-1.3.174",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-7.0.3",
"Red Hat JBoss Enterprise Application Platform :None.emoji-regex-8.0.0",
"Red Hat JBoss Enterprise Application Platform :None.encoding-down-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.end-stream-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.entities-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.env-paths-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.eonasdan-bootstrap-datetimepicker-4.17.47",
"Red Hat JBoss Enterprise Application Platform :None.errno-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.error-7.0.2",
"Red Hat JBoss Enterprise Application Platform :None.error-ex-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.es6-denodeify-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.escape-html-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.escape-string-regexp-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.escodegen-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-0.4.8",
"Red Hat JBoss Enterprise Application Platform :None.esdoc-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.espree-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esprima-1.2.5",
"Red Hat JBoss Enterprise Application Platform :None.esprima-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.esprima-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-1.9.3",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.estraverse-4.2.0",
"Red Hat JBoss Enterprise Application Platform :None.esutils-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.eventemitter2-0.4.14",
"Red Hat JBoss Enterprise Application Platform :None.execall-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.exit-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.expand-brackets-2.1.4",
"Red Hat JBoss Enterprise Application Platform :None.expand-tilde-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.extend-shallow-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.extglob-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.extsprintf-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-deep-equal-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.fast-future-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.fast-glob-2.2.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-json-stable-stringify-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-1.0.7",
"Red Hat JBoss Enterprise Application Platform :None.fast-levenshtein-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.faye-websocket-0.10.0",
"Red Hat JBoss Enterprise Application Platform :None.fetch-cookie-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.figures-1.7.0",
"Red Hat JBoss Enterprise Application Platform :None.file-entry-cache-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.file-sync-cmp-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fill-range-7.0.1",
"Red Hat JBoss Enterprise Application Platform :None.find-up-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.find-up-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.findup-sync-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fined-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.flagged-respawn-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flat-cache-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.flatted-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.font-awesome-sass-4.7.0",
"Red Hat JBoss Enterprise Application Platform :None.for-in-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.for-own-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.forever-agent-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.form-data-2.3.3",
"Red Hat JBoss Enterprise Application Platform :None.fragment-cache-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-0.26.5",
"Red Hat JBoss Enterprise Application Platform :None.fs-extra-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.fs-minipass-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.fs.realpath-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.gauge-2.7.4",
"Red Hat JBoss Enterprise Application Platform :None.gaze-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.get-stdin-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.get-value-2.0.6",
"Red Hat JBoss Enterprise Application Platform :None.getobject-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.getpass-0.1.7",
"Red Hat JBoss Enterprise Application Platform :None.glob-5.0.15",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.0.6",
"Red Hat JBoss Enterprise Application Platform :None.glob-7.1.4",
"Red Hat JBoss Enterprise Application Platform :None.glob-parent-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.glob-to-regexp-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-modules-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.global-prefix-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-11.12.0",
"Red Hat JBoss Enterprise Application Platform :None.globals-9.18.0",
"Red Hat JBoss Enterprise Application Platform :None.globby-9.2.0",
"Red Hat JBoss Enterprise Application Platform :None.globjoin-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.globule-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.gonzales-pe-4.2.4",
"Red Hat JBoss Enterprise Application Platform :None.good-listener-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.google-code-prettify-1.0.5",
"Red Hat JBoss Enterprise Application Platform :None.graceful-fs-4.1.15",
"Red Hat JBoss Enterprise Application Platform :None.grunt-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-cli-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-clean-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-concat-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-copy-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-cssmin-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-less-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-contrib-watch-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-css-count-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.grunt-esdoc-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.grunt-known-options-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-log-utils-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-legacy-util-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.grunt-postcss-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.grunt-stylelint-0.11.0",
"Red Hat JBoss Enterprise Application Platform :None.gzip-size-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-schema-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.har-validator-5.1.3",
"Red Hat JBoss Enterprise Application Platform :None.has-ansi-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-flag-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-unicode-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.has-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.has-values-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.has-values-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.homedir-polyfill-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.hooker-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.hosted-git-info-2.7.1",
"Red Hat JBoss Enterprise Application Platform :None.html-tags-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.10.1",
"Red Hat JBoss Enterprise Application Platform :None.htmlparser2-3.8.3",
"Red Hat JBoss Enterprise Application Platform :None.http-parser-js-0.4.10",
"Red Hat JBoss Enterprise Application Platform :None.http-signature-1.2.0",
"Red Hat JBoss Enterprise Application Platform :None.ice-cap-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.iconv-lite-0.4.24",
"Red Hat JBoss Enterprise Application Platform :None.ignore-4.0.6",
"Red Hat JBoss Enterprise Application Platform :None.ignore-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.image-size-0.5.5",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.immediate-3.2.3",
"Red Hat JBoss Enterprise Application Platform :None.import-fresh-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.import-lazy-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.imurmurhash-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.indent-string-3.2.0",
"Red Hat JBoss Enterprise Application Platform :None.indexes-of-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.inflight-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.inherits-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.ini-1.3.5",
"Red Hat JBoss Enterprise Application Platform :None.interpret-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.invariant-2.2.4",
"Red Hat JBoss Enterprise Application Platform :None.is-absolute-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-accessor-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphabetical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumeric-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-alphanumerical-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-arrayish-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-1.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-buffer-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-0.1.4",
"Red Hat JBoss Enterprise Application Platform :None.is-data-descriptor-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-decimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-0.1.6",
"Red Hat JBoss Enterprise Application Platform :None.is-descriptor-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-directory-0.3.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extendable-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-extglob-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.is-finite-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-fullwidth-code-point-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-glob-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-hexadecimal-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-number-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-number-7.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-obj-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-plain-object-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.is-regexp-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.is-relative-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-typedarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-unc-path-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.is-utf8-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.is-whitespace-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.is-windows-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.is-word-character-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.isarray-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isarray-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isexe-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.isobject-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.isstream-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.jansi.dll-None",
"Red Hat JBoss Enterprise Application Platform :None.jboss-eap-7.4.7-runtime-maven-repository.zip-None",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-3.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jquery-match-height-0.7.2",
"Red Hat JBoss Enterprise Application Platform :None.js-cookie-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.js-tokens-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.js-yaml-3.13.1",
"Red Hat JBoss Enterprise Application Platform :None.jsbn-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.jsdom-7.2.2",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.jsesc-2.5.2",
"Red Hat JBoss Enterprise Application Platform :None.json-parse-better-errors-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.json-schema-traverse-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.json-stringify-safe-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.json5-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.jsonfile-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.jsprim-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.jstree-3.3.8",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-3.2.2",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-5.1.0",
"Red Hat JBoss Enterprise Application Platform :None.kind-of-6.0.2",
"Red Hat JBoss Enterprise Application Platform :None.klaw-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.known-css-properties-0.14.0",
"Red Hat JBoss Enterprise Application Platform :None.less-3.9.0",
"Red Hat JBoss Enterprise Application Platform :None.level-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-codec-9.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-concat-iterator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-errors-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-iterator-stream-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-js-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.level-packager-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.level-write-stream-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.leveldown-5.0.2",
"Red Hat JBoss Enterprise Application Platform :None.levelup-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.leven-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.2.5",
"Red Hat JBoss Enterprise Application Platform :None.levn-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.libjansi.so-None",
"Red Hat JBoss Enterprise Application Platform :None.libnetty_transport_native_epoll_x86_64.so-None",
"Red Hat JBoss Enterprise Application Platform :None.liftoff-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.livereload-js-2.4.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.load-json-file-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.locate-path-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.lodash-4.17.11",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.log-symbols-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.longest-streak-2.0.3",
"Red Hat JBoss Enterprise Application Platform :None.loose-envify-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.loud-rejection-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.ltgt-2.2.1",
"Red Hat JBoss Enterprise Application Platform :None.make-iterator-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-cache-0.2.2",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.map-obj-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.map-visit-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.markdown-escapes-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.markdown-table-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.19",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.marked-0.7.0",
"Red Hat JBoss Enterprise Application Platform :None.matchdep-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.mathml-tag-names-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.maxmin-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.mdast-util-compact-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.meow-3.7.0",
"Red Hat JBoss Enterprise Application Platform :None.meow-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.merge2-1.2.3",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-3.1.10",
"Red Hat JBoss Enterprise Application Platform :None.micromatch-4.0.2",
"Red Hat JBoss Enterprise Application Platform :None.mime-1.6.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-db-1.40.0",
"Red Hat JBoss Enterprise Application Platform :None.mime-types-2.1.24",
"Red Hat JBoss Enterprise Application Platform :None.minimatch-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.minimist-0.0.8",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.minimist-1.2.6",
"Red Hat JBoss Enterprise Application Platform :None.minimist-options-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.minipass-2.3.5",
"Red Hat JBoss Enterprise Application Platform :None.minizlib-1.2.1",
"Red Hat JBoss Enterprise Application Platform :None.mixin-deep-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.mkdirp-0.5.1",
"Red Hat JBoss Enterprise Application Platform :None.moment-2.29.4",
"Red Hat JBoss Enterprise Application Platform :None.moment-timezone-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.ms-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nanomatch-1.2.13",
"Red Hat JBoss Enterprise Application Platform :None.napi-macros-1.8.2",
"Red Hat JBoss Enterprise Application Platform :None.node-fetch-2.4.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.node-gyp-build-3.8.0",
"Red Hat JBoss Enterprise Application Platform :None.node-releases-1.1.23",
"Red Hat JBoss Enterprise Application Platform :None.nopt-3.0.6",
"Red Hat JBoss Enterprise Application Platform :None.nopt-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.normalize-package-data-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.normalize-range-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.normalize-selector-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.npmlog-4.1.2",
"Red Hat JBoss Enterprise Application Platform :None.nth-check-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.num2fraction-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.number-is-nan-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.nwmatcher-1.4.4",
"Red Hat JBoss Enterprise Application Platform :None.oauth-sign-0.9.0",
"Red Hat JBoss Enterprise Application Platform :None.object-assign-4.1.1",
"Red Hat JBoss Enterprise Application Platform :None.object-copy-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object-visit-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.defaults-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.object.map-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.object.pick-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.once-1.4.0",
"Red Hat JBoss Enterprise Application Platform :None.opencollective-postinstall-2.0.2",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.5.0",
"Red Hat JBoss Enterprise Application Platform :None.optionator-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.os-homedir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.os-tmpdir-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.osenv-0.1.5",
"Red Hat JBoss Enterprise Application Platform :None.p-limit-1.3.0",
"Red Hat JBoss Enterprise Application Platform :None.p-locate-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.p-try-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-entities-1.2.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-filepath-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-json-4.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse-passwd-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.parse5-1.5.1",
"Red Hat JBoss Enterprise Application Platform :None.parse5-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.pascalcase-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-dirname-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-exists-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.path-is-absolute-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.path-parse-1.0.6",
"Red Hat JBoss Enterprise Application Platform :None.path-root-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.path-root-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.path-type-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.path-type-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-3.59.2",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-combobox-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.patternfly-bootstrap-treeview-2.1.5",
"Red Hat JBoss Enterprise Application Platform :None.performance-now-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.picomatch-2.0.7",
"Red Hat JBoss Enterprise Application Platform :None.pify-2.3.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pify-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-2.0.4",
"Red Hat JBoss Enterprise Application Platform :None.pinkie-promise-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.pixrem-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.pom.xml-None",
"Red Hat JBoss Enterprise Application Platform :None.posix-character-classes-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-6.0.23",
"Red Hat JBoss Enterprise Application Platform :None.postcss-7.0.17",
"Red Hat JBoss Enterprise Application Platform :None.postcss-html-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-jsx-0.36.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-less-3.1.4",
"Red Hat JBoss Enterprise Application Platform :None.postcss-markdown-0.36.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-media-query-parser-0.2.3",
"Red Hat JBoss Enterprise Application Platform :None.postcss-reporter-6.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-resolve-nested-selector-0.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-safe-parser-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-sass-0.3.5",
"Red Hat JBoss Enterprise Application Platform :None.postcss-scss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.postcss-selector-parser-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.postcss-syntax-0.36.2",
"Red Hat JBoss Enterprise Application Platform :None.postcss-value-parser-3.3.1",
"Red Hat JBoss Enterprise Application Platform :None.pouchdb-7.1.1",
"Red Hat JBoss Enterprise Application Platform :None.prelude-ls-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.pretty-bytes-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.process-nextick-args-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-7.3.1",
"Red Hat JBoss Enterprise Application Platform :None.promise-polyfill-8.1.3",
"Red Hat JBoss Enterprise Application Platform :None.prr-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.psl-1.1.33",
"Red Hat JBoss Enterprise Application Platform :None.punycode-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.punycode-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.qs-6.5.2",
"Red Hat JBoss Enterprise Application Platform :None.quick-lru-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.raw-body-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.read-pkg-up-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-0.0.4",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.0.33",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-1.1.14",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-2.3.6",
"Red Hat JBoss Enterprise Application Platform :None.readable-stream-3.4.0",
"Red Hat JBoss Enterprise Application Platform :None.rechoir-0.6.2",
"Red Hat JBoss Enterprise Application Platform :None.redent-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.redent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.reduce-css-calc-2.1.6",
"Red Hat JBoss Enterprise Application Platform :None.regenerator-runtime-0.11.1",
"Red Hat JBoss Enterprise Application Platform :None.regex-not-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.remark-10.0.1",
"Red Hat JBoss Enterprise Application Platform :None.remark-parse-6.0.3",
"Red Hat JBoss Enterprise Application Platform :None.remark-stringify-6.0.4",
"Red Hat JBoss Enterprise Application Platform :None.repeat-element-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.repeat-string-1.6.1",
"Red Hat JBoss Enterprise Application Platform :None.repeating-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.replace-ext-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.request-2.88.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.1.7",
"Red Hat JBoss Enterprise Application Platform :None.resolve-1.11.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-dir-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-from-5.0.0",
"Red Hat JBoss Enterprise Application Platform :None.resolve-url-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.ret-0.1.15",
"Red Hat JBoss Enterprise Application Platform :None.rimraf-2.6.3",
"Red Hat JBoss Enterprise Application Platform :None.rw-1.3.3",
"Red Hat JBoss Enterprise Application Platform :None.safe-buffer-5.1.2",
"Red Hat JBoss Enterprise Application Platform :None.safe-json-parse-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.safe-regex-1.1.0",
"Red Hat JBoss Enterprise Application Platform :None.safer-buffer-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sax-1.2.4",
"Red Hat JBoss Enterprise Application Platform :None.select-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.3.0",
"Red Hat JBoss Enterprise Application Platform :None.semver-5.7.0",
"Red Hat JBoss Enterprise Application Platform :None.set-blocking-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.set-value-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.signal-exit-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.slash-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slash-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.slice-ansi-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-0.8.2",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-node-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.snapdragon-util-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.2.0",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.5.7",
"Red Hat JBoss Enterprise Application Platform :None.source-map-0.6.1",
"Red Hat JBoss Enterprise Application Platform :None.source-map-resolve-0.5.2",
"Red Hat JBoss Enterprise Application Platform :None.source-map-url-0.4.0",
"Red Hat JBoss Enterprise Application Platform :None.spark-md5-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-correct-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-exceptions-2.2.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-expression-parse-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.spdx-license-ids-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.specificity-0.4.1",
"Red Hat JBoss Enterprise Application Platform :None.split-string-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.sprintf-js-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.sshpk-1.16.1",
"Red Hat JBoss Enterprise Application Platform :None.stack-trace-0.0.10",
"Red Hat JBoss Enterprise Application Platform :None.state-toggle-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.static-extend-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.string-template-0.2.1",
"Red Hat JBoss Enterprise Application Platform :None.string-width-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.string-width-3.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string-width-4.1.0",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-0.10.31",
"Red Hat JBoss Enterprise Application Platform :None.string_decoder-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.stringify-entities-1.3.2",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-ansi-5.2.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-bom-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.strip-indent-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.style-search-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.stylelint-10.1.0",
"Red Hat JBoss Enterprise Application Platform :None.sugarss-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-5.5.0",
"Red Hat JBoss Enterprise Application Platform :None.supports-color-6.1.0",
"Red Hat JBoss Enterprise Application Platform :None.svg-tags-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.symbol-tree-3.2.4",
"Red Hat JBoss Enterprise Application Platform :None.table-5.4.1",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.2",
"Red Hat JBoss Enterprise Application Platform :None.taffydb-2.7.3",
"Red Hat JBoss Enterprise Application Platform :None.tar-4.4.10",
"Red Hat JBoss Enterprise Application Platform :None.through2-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tiny-emitter-2.1.0",
"Red Hat JBoss Enterprise Application Platform :None.tiny-lr-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.to-fast-properties-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.to-object-path-0.3.0",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-3.0.2",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-2.1.1",
"Red Hat JBoss Enterprise Application Platform :None.to-regex-range-5.0.1",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.4.3",
"Red Hat JBoss Enterprise Application Platform :None.tough-cookie-2.5.0",
"Red Hat JBoss Enterprise Application Platform :None.tr46-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.trim-0.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-newlines-2.0.0",
"Red Hat JBoss Enterprise Application Platform :None.trim-right-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.trim-trailing-lines-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.trough-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.tunnel-agent-0.6.0",
"Red Hat JBoss Enterprise Application Platform :None.tweetnacl-0.14.5",
"Red Hat JBoss Enterprise Application Platform :None.type-check-0.3.2",
"Red Hat JBoss Enterprise Application Platform :None.typedarray-to-buffer-3.1.5",
"Red Hat JBoss Enterprise Application Platform :None.unc-path-regex-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.underscore.string-3.3.5",
"Red Hat JBoss Enterprise Application Platform :None.unherit-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unified-7.1.0",
"Red Hat JBoss Enterprise Application Platform :None.union-value-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.uniq-1.0.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-find-all-after-1.0.4",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-is-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-remove-position-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-stringify-position-1.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-1.4.1",
"Red Hat JBoss Enterprise Application Platform :None.unist-util-visit-parents-2.1.2",
"Red Hat JBoss Enterprise Application Platform :None.universalify-0.1.2",
"Red Hat JBoss Enterprise Application Platform :None.unset-value-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.uri-js-4.2.2",
"Red Hat JBoss Enterprise Application Platform :None.urix-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.use-3.1.1",
"Red Hat JBoss Enterprise Application Platform :None.util-deprecate-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.2.1",
"Red Hat JBoss Enterprise Application Platform :None.uuid-3.3.2",
"Red Hat JBoss Enterprise Application Platform :None.v8flags-3.1.3",
"Red Hat JBoss Enterprise Application Platform :None.validate-npm-package-license-3.0.4",
"Red Hat JBoss Enterprise Application Platform :None.verror-1.10.0",
"Red Hat JBoss Enterprise Application Platform :None.vfile-3.0.1",
"Red Hat JBoss Enterprise Application Platform :None.vfile-location-2.0.5",
"Red Hat JBoss Enterprise Application Platform :None.vfile-message-1.1.1",
"Red Hat JBoss Enterprise Application Platform :None.vuvuzela-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.webidl-conversions-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.websocket-driver-0.7.3",
"Red Hat JBoss Enterprise Application Platform :None.websocket-extensions-0.1.3",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-fetch-3.0.0",
"Red Hat JBoss Enterprise Application Platform :None.whatwg-url-compat-0.6.5",
"Red Hat JBoss Enterprise Application Platform :None.which-1.3.1",
"Red Hat JBoss Enterprise Application Platform :None.wide-align-1.1.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-0.0.3",
"Red Hat JBoss Enterprise Application Platform :None.wordwrap-1.0.0",
"Red Hat JBoss Enterprise Application Platform :None.wrappy-1.0.2",
"Red Hat JBoss Enterprise Application Platform :None.write-1.0.3",
"Red Hat JBoss Enterprise Application Platform :None.write-stream-0.4.3",
"Red Hat JBoss Enterprise Application Platform :None.x-is-string-0.1.0",
"Red Hat JBoss Enterprise Application Platform :None.xml-name-validator-2.0.1",
"Red Hat JBoss Enterprise Application Platform :None.xtend-4.0.1",
"Red Hat JBoss Enterprise Application Platform :None.yallist-3.0.3",
"Red Hat JBoss Enterprise Application Platform :None.yargs-parser-10.1.0",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :antlr.antlr-2.7.7.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :ch.qos.cal10n.cal10n-api-0.8.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.classmate-1.5.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-core-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.11.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.core.jackson-databind-2.12.6.1-redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jdk8-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.datatype.jackson-datatype-jsr310-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-base-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.jaxrs.jackson-jaxrs-json-provider-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.jackson.module.jackson-module-jaxb-annotations-2.12.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.fasterxml.woodstox.woodstox-core-6.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.ben-manes.caffeine.caffeine-2.8.8.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.btf-1.2.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.jackson-coreutils-1.8.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.json-patch-1.9.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.fge.msg-simple-1.1.0.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.github.spullara.mustache.java.compiler-0.9.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.code.gson.gson-2.8.9.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.failureaccess-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.google.guava.guava-30.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.google.protobuf.protobuf-java-3.12.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.googlecode.javaewah.JavaEWAH-1.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.jar",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :com.h2database.h2-1.4.197.redhat-00004.zip",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.microsoft.azure.azure-storage-8.6.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.squareup.protoparser-4.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.activation.jakarta.activation-1.2.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.faces.jsf-impl-2.3.14.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-runtime-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.istack.istack-commons-tools-3.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.mail.jakarta.mail-1.6.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.relaxng-datatype-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.external.rngom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.bind.jaxb.isorelax-20090621.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.fastinfoset.FastInfoset-1.2.13.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :com.sun.xml.messaging.saaj.saaj-impl-1.4.1.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :commons-beanutils.commons-beanutils-1.9.4.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.2.0.redhat-10.pom",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-cli.commons-cli-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-codec.commons-codec-1.15.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :commons-collections.commons-collections-3.2.2.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.10.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-io.commons-io-2.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :commons-lang.commons-lang-2.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :commons-logging.commons-logging-1.2.0.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :gnu.getopt.java-getopt-1.0.13.redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-api-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-narayana-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.agroal.agroal-pool-1.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-buffer-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-haproxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-http2-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-memcache-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-mqtt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-redis-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-smtp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-socks-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-stomp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-codec-xml-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-handler-proxy-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-resolver-dns-classes-macos-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-tcnative-classes-2.0.52.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-classes-kqueue-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001-linux-x86_64.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-epoll-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-native-unix-common-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-rxtx-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-sctp-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.netty.netty-transport-udt-4.1.77.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava2.rxjava-2.2.20.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.reactivex.rxjava3.rxjava-3.0.9.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.jastow.jastow-2.0.11.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.js.undertow-js-1.0.2.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-core-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-servlet-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :io.undertow.undertow-websockets-jsr-2.2.19.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.enterprise.jakarta.enterprise.cdi-api-2.0.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.inject.jakarta.inject-api-1.0.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.bind.jakarta.json.bind-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.json.jakarta.json-api-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.persistence.jakarta.persistence-api-2.2.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.security.enterprise.jakarta.security.enterprise-api-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jakarta.validation.jakarta.validation-api-2.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :javax.jws.jsr181-api-1.0.0.MR1-redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :jaxen.jaxen-1.1.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :jboss.jaxbintros.jboss-jaxb-intros-1.0.3.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :joda-time.joda-time-2.9.7.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-1.11.12.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :net.bytebuddy.byte-buddy-dep-1.11.12.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.msv-core-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.java.dev.msv.xsdlib-2013.6.1.pom",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :net.jcip.jcip-annotations-1.0.0.redhat-8.pom",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :net.shibboleth.utilities.java-support-7.3.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-2.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.aesh-extensions-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.aesh.readline-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.aesh.terminal-api-2.2.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.activemq-artemis-native-1.0.2.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-cli-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-commons-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-core-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-dto-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hornetq-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-hqclient-protocol-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jdbc-store-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-client-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-jms-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-journal-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-ra-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-selector-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-server-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-service-extensions-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.activemq.artemis-tools-2.16.0.redhat-00045.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.avro.avro-1.7.6.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.commons.commons-lang3-3.11.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-coloc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-soap-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-bindings-xml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-aegis-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-clustering-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-features-logging-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-frontend-simple-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-management-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-security-saml-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-http-hc-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-jms-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-transports-local-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-addr-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-mex-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-policy-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-rm-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-ws-security-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-rt-wsdl-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-common-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-java2ws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-validator-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-databinding-jaxb-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.cxf-tools-wsdlto-frontend-jaxws-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.sts.cxf-services-sts-core-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.services.ws-discovery.cxf-services-ws-discovery-api-3.3.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjc-utils.cxf-xjc-runtime-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-boolean-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-bug986-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-dv-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.cxf.xjcplugins.cxf-xjc-ts-3.3.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpasyncclient-4.1.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpclient-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpcore-nio-4.4.14.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.httpcomponents.httpmime-4.5.13.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.james.apache-mime4j-0.6.0.redhat-7.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.logging.log4j.log4j-api-2.17.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-analyzers-common-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-backward-codecs-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-core-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-facet-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-misc-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queries-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.lucene.lucene-queryparser-5.5.5.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.neethi.neethi-3.1.1.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.santuario.xmlsec-2.1.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-common-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.sshd.sshd-core-2.7.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-compat-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-impl-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.taglibs.taglibs-standard-spec-1.2.6.RC1-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.velocity.velocity-engine-core-2.3.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.ws.xmlschema.xmlschema-core-2.2.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-bindings-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-policy-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-common-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-dom-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-policy-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.apache.wss4j.wss4j-ws-security-stax-2.2.7.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bitbucket.b_c.jose4j-0.7.5.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcmail-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpg-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcpkix-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.bouncycastle.bcprov-jdk15on-1.68.0.redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-core-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-jaxrs-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-mapper-asl-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jackson.jackson-xc-1.9.13.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.jettison.jettison-1.4.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.codehaus.woodstox.stax2-api-4.2.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.cryptacular.cryptacular-1.2.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.dom4j.dom4j-2.1.3.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jdt.ecj-3.26.0.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.jgit.org.eclipse.jgit.ssh.apache-5.13.0.202109080827-r-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.eclipse.yasson-1.0.10.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.hawtjni.hawtjni-runtime-1.17.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-1.18.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux32-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-linux64-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.fusesource.jansi.jansi-native-1.8.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.el-3.0.3.redhat-00007.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.enterprise.concurrent-1.1.1.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jakarta.json-1.1.6.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.codemodel-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-jxc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-runtime-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.jaxb-xjc-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.txw2-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.jaxb.xsom-2.3.3.b02-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.glassfish.soteria.jakarta.security.enterprise-1.0.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.common.hibernate-commons-annotations-5.0.5.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-core-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-envers-5.3.28.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-backend-jms-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-engine-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-orm-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.hibernate-search-serialization-avro-5.10.7.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hibernate.validator.hibernate-validator-cdi-6.0.23.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-commons-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-core-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.hornetq.hornetq-jms-client-2.4.8.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-jdbc-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-cachestore-remote-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-client-hotrod-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-component-annotations-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-core-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-commons-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-spi-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v51-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.infinispan-hibernate-cache-v53-11.0.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.infinispan.protostream.protostream-4.3.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jasypt.jasypt-1.9.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.26.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.javassist.javassist-3.27.0.GA-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jberet.jberet-core-1.3.9.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.activemq.artemis.integration.artemis-wildfly-integration-1.0.4.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.classfilewriter.jboss-classfilewriter-1.2.5.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.common.jboss-common-beans-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-eclipselink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-1-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate4-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-hibernate5-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-openjpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.jipijapa-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-appclient-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-batch-jberet-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-all-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-client-properties-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ee-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-ejb-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-client-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-marshalling-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-infinispan-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-jgroups-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-jboss-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-protostream-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-marshalling-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-server-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-service-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-singleton-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-cache-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-container-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-hotrod-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-infinispan-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-clustering-web-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-cmp-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-configadmin-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-connector-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-datasources-agroal-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ee-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ejb3-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-health-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-iiop-openjdk-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jacorb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jaxrs-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jdr-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsf-injection-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-jsr77-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mail-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-messaging-activemq-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-metrics-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-extension-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-mod_cluster-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-naming-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-ormtransformer-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-picketlink-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-pojo-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-rts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-sar-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-api-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-plugins-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-security-vault-tool-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-system-jmx-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-undertow-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-web-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-webservices-server-integration-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-bean-validation-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-common-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-ejb-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-jpa-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-spi-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-transactions-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-weld-webservices-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.eap.wildfly-xts-7.4.7.GA-redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ejb3.jboss-ejb3-ext-api-2.3.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.genericjms.generic-jms-ra-jar-2.0.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001-resources.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.hal.hal-console-3.3.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.invocation.jboss-invocation-1.6.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-common-spi-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-api-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-core-impl-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-deployers-common-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-jdbc-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ironjacamar.ironjacamar-validator-1.5.3.SP2-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jandex-2.4.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-dmr-1.5.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-4.0.45.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-ejb-client-legacy-3.0.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-iiop-client-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-transaction-spi-7.6.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.jboss-vfs-3.2.17.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.commons-logging-jboss-logging-1.0.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jboss-logging-3.4.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logging.jul-to-slf4j-stub-1.0.1.Final-redhat-3.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.jboss-logmanager-2.1.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j-jboss-logmanager-1.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.logmanager.log4j2-jboss-logmanager-1.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.marshalling.jboss-marshalling-river-2.0.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-appclient-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-common-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ear-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-ejb-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.metadata.jboss-metadata-web-13.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-cli-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-core-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap6.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.0-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.1-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.2-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.3-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-eap7.4-to-eap7.4-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly10.1-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly11.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly12.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly13.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly14.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly15.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly16.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly17.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly18.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly19.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly20.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly21.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly22.0-server-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly8.2-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.migration.jboss-server-migration-wildfly9.0-1.10.0.Final-redhat-00019.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-container-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-core-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.mod_cluster.mod_cluster-load-spi-1.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.modules.jboss-modules-1.12.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.msc.jboss-msc-1.4.12.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.arjuna-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.arjunacore.txoj-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.common-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.compensations.compensations-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jbosstxbridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.cdi-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jdbc-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jms-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jta.jta-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.idlj-idl-jdk8-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jtax-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.jts-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-idlj-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.narayana-jts-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.jts.orbportability-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-api-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-integration-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.rts.restat-util-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.txframework.txframework-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.bridge-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001-api.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.jbossxts-5.11.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.recovery-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.service-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-c11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.ws-t11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wsas-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wscf11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.narayana.xts.wstx11-5.11.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.openjdk-orb.openjdk-orb-8.1.4.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remoting.jboss-remoting-5.0.25.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.remotingjmx.remoting-jmx-3.0.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.jose-jwt-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-atom-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-cdi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-client-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-crypto-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jackson2-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxb-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jaxrs-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jettison-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-jsapi-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-binding-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-json-p-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-multipart-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-rxjava2-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-spring-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-validator-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.resteasy.resteasy-yaml-provider-3.15.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.seam.integration.jboss-seam-int-jbossas-7.0.0.GA-redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-common-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-extras-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-ntlm-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jboss-negotiation-spnego-3.0.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.security.jbossxacml-2.0.8.Final-redhat-8.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.slf4j.slf4j-jboss-logmanager-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.annotation.jboss-annotations-api_1.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.batch.jboss-batch-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ejb.jboss-ejb-api_3.2_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.el.jboss-el-api_3.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.enterprise.concurrent.jboss-concurrency-api_1.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.faces.jboss-jsf-api_2.3_spec-3.0.0.SP06-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.interceptor.jboss-interceptors-api_1.2_spec-2.0.0.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.jms.jboss-jms-api_2.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.management.j2ee.jboss-j2eemgmt-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.resource.jboss-connector-api_1.7_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.auth.message.jboss-jaspi-api_1.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.security.jacc.jboss-jacc-api_1.5_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jboss-servlet-api_4.0_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.servlet.jsp.jboss-jsp-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.transaction.jboss-transaction-api_1.3_spec-2.0.0.Final-redhat-00005.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.websocket.jboss-websocket-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.ws.rs.jboss-jaxrs-api_2.1_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.bind.jboss-jaxb-api_2.3_spec-2.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.rpc.jboss-jaxrpc-api_1.1_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.3_spec-1.0.6.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.soap.jboss-saaj-api_1.4_spec-1.0.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.spec.javax.xml.ws.jboss-jaxws-api_2.3_spec-2.0.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.staxmapper-1.3.0.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.stdio.jboss-stdio-1.1.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.threads.jboss-threads-2.4.0.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-ejb-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jsf-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-jta-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.module.weld-web-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.probe.weld-probe-core-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-api-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-core-impl-3.1.6.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.weld.weld-spi-3.1.0.SP3-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-client-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-factories-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-jaspi-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001-wildfly2000.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-resources-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-server-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-udp-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.cxf.jbossws-cxf-transports-undertow-5.4.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-api-1.1.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-3.3.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-common-tools-1.3.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.jbossws-spi-3.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.ws.projects.jaxws-undertow-httpspi-1.0.1.Final-redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.netty.netty-xnio-transport-0.1.9.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-api-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jboss.xnio.xnio-nio-3.8.7.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-2.1.2.redhat-00003.pom",
"Red Hat JBoss Enterprise Application Platform :org.jctools.jctools-core-3.1.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.azure.jgroups-azure-1.3.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.jgroups-4.2.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.jgroups.kubernetes.jgroups-kubernetes-1.0.16.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jsoup.jsoup-1.14.2.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.jvnet.staxex.stax-ex-1.8.3.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-core-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-profile-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-security-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-soap-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xacml-saml-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-api-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.opensaml.opensaml-xmlsec-impl-3.3.1.redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.ow2.asm.asm-util-9.1.0.redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.acl-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.authorization-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.common-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.identity-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jboss-security-spi-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.jbosssx-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-acl-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-commons-1.0.0.final-redhat-5.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-identity-impl-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-infinispan-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketbox.picketbox-spi-bare-5.0.3.Final-redhat-00009.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.distribution.picketlink-wildfly8-2.5.5.SP12-redhat-00014.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-common-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-config-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-federation-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-api-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-idm-simple-schema-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.jar",
"Red Hat JBoss Enterprise Application Platform :org.picketlink.picketlink-impl-2.5.5.SP12-redhat-00011.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-core-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.jar",
"Red Hat JBoss Enterprise Application Platform :org.projectodd.vdx.vdx-wildfly-1.1.6.redhat-1.pom",
"Red Hat JBoss Enterprise Application Platform :org.reactivestreams.reactive-streams-1.0.3.redhat-00003.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.jcl-over-slf4j-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-api-1.7.30.redhat-00004.pom",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :org.slf4j.slf4j-ext-1.7.22.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.client.wildfly-client-config-1.0.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.common.wildfly-common-1.5.4.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001-client.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-cli-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-controller-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-client-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-management-subsystem-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-core-security-api-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-repository-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-deployment-scanner-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-discovery-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-error-context-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-http-interface-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-domain-management-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-integration-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-elytron-tool-wrapper-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-embedded-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-event-logger-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-host-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-io-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-jmx-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-launcher-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-logging-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-management-client-content-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-network-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-patching-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-platform-mbean-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-process-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-protocol-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-remoting-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-request-controller-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-security-manager-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-server-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-threads-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.core.wildfly-version-15.0.18.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.discovery.wildfly-discovery-client-1.2.1.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-java-2.2.3.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-ppc64le-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel6-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel7-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel8-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-rhel9-x86_64-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-linux-s390x-2.2.2.Final-redhat-00002.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.openssl.wildfly-openssl-windows-x86_64-2.2.2.Final-redhat-00002.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.elytron-web.undertow-server-servlet-1.9.2.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-asn1-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-audit-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-server-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-base-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-client-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-source-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-credential-store-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-encryption-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-bearer-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-form-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-oidc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-spnego-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-sso-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-stateful-basic-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-http-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jacc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jaspi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-jwk-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-jose-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-json-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-keystore-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-http-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-mechanism-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-password-impl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-permission-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-provider-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-jdbc-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-ldap-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-realm-token-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-anonymous-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-auth-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-digest-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-entity-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-external-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gs2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-gssapi-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-localuser-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-oauth2-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-otp-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-plain-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-sasl-scram-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-security-manager-action-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-ssl-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-tool-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-acme-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-cert-util-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-deprecated-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.security.wildfly-elytron-x500-principal-1.15.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.transaction.wildfly-transaction-client-1.1.15.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-client-common-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-ejb-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-naming-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-http-client.wildfly-http-transaction-client-1.1.13.SP1-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.wildfly.wildfly-naming-client-1.0.14.Final-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :org.yaml.snakeyaml-1.31.0.redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.jar",
"Red Hat JBoss Enterprise Application Platform :wsdl4j.wsdl4j-1.6.3.redhat-2.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.serializer-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.jar",
"Red Hat JBoss Enterprise Application Platform :xalan.xalan-2.7.1.redhat-00013.pom",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xerces.xercesImpl-2.12.0.SP04-redhat-00001.pom",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.jar",
"Red Hat JBoss Enterprise Application Platform :xml-resolver.xml-resolver-1.2.0.redhat-12.pom",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.jar",
"Red Hat JBoss Enterprise Application Platform :xom.xom-1.3.7.redhat-00001.pom"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2023_3198
Vulnerability from csaf_redhat - Published: 2023-05-17 17:53 - Updated: 2024-12-17 23:03Summary
Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
Severity
Critical
Notes
Topic: An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)
* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)
* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)
* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)
* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)
* maven: Block repositories using http by default (CVE-2021-26291)
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)
* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)
* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)
* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)
* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)
* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
Workaround
To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
9.9 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.
5.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:3198
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43401)\n\n* jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43403)\n\n* jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin (CVE-2022-43404)\n\n* jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin (CVE-2022-43405)\n\n* jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin (CVE-2022-43406)\n\n* maven: Block repositories using http by default (CVE-2021-26291)\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin (CVE-2022-43407)\n\n* mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)\n\n* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)\n\n* jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin (CVE-2022-43408)\n\n* jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin (CVE-2022-43409)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3198",
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.11/cicd/jenkins/important-changes-to-openshift-jenkins-images.html",
"url": "https://docs.openshift.com/container-platform/4.11/cicd/jenkins/important-changes-to-openshift-jenkins-images.html"
},
{
"category": "external",
"summary": "1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3198.json"
}
],
"title": "Red Hat Security Advisory: jenkins and jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2024-12-17T23:03:11+00:00",
"generator": {
"date": "2024-12-17T23:03:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:3198",
"initial_release_date": "2023-05-17T17:53:04+00:00",
"revision_history": [
{
"date": "2023-05-17T17:53:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-17T17:53:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:03:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.11::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.387.1.1683009763-3.el8.src",
"product": {
"name": "jenkins-0:2.387.1.1683009763-3.el8.src",
"product_id": "jenkins-0:2.387.1.1683009763-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.387.1.1683009763-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.387.1.1683009763-3.el8.noarch",
"product": {
"name": "jenkins-0:2.387.1.1683009763-3.el8.noarch",
"product_id": "jenkins-0:2.387.1.1683009763-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.387.1.1683009763-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.11.1683009941-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.387.1.1683009763-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch"
},
"product_reference": "jenkins-0:2.387.1.1683009763-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.387.1.1683009763-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
},
"product_reference": "jenkins-0:2.387.1.1683009763-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.11.1683009941-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-26291",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in maven. Repositories that are defined in a dependency\u2019s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven: Block repositories using http by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26291"
},
{
"category": "external",
"summary": "RHBZ#1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26291",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291"
},
{
"category": "external",
"summary": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291",
"url": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291"
}
],
"release_date": "2021-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
},
{
"category": "workaround",
"details": "To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "maven: Block repositories using http by default"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-30953",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119646"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: CSRF vulnerability in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30953"
},
{
"category": "external",
"summary": "RHBZ#2119646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119646"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30953"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30953"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: CSRF vulnerability in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-30954",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2022-08-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2119647"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permission check in several HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified HTTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "plugin: missing permission checks in Blue Ocean Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30954"
},
{
"category": "external",
"summary": "RHBZ#2119647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30954",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30954"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502",
"url": "https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502"
}
],
"release_date": "2022-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "plugin: missing permission checks in Blue Ocean Plugin"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2022-43401",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136381"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43401"
},
{
"category": "external",
"summary": "RHBZ#2136381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43401"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43402",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136379"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43402"
},
{
"category": "external",
"summary": "RHBZ#2136379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43402"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin"
},
{
"cve": "CVE-2022-43403",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136382"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43403"
},
{
"category": "external",
"summary": "RHBZ#2136382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43403"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43403"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43404",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136383"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43404"
},
{
"category": "external",
"summary": "RHBZ#2136383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43404"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin"
},
{
"cve": "CVE-2022-43405",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136374"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43405"
},
{
"category": "external",
"summary": "RHBZ#2136374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43405",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43405"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43405"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43406",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136370"
}
],
"notes": [
{
"category": "description",
"text": "A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43406"
},
{
"category": "external",
"summary": "RHBZ#2136370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136370"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43406"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy Libraries Plugin"
},
{
"cve": "CVE-2022-43407",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136386"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43407"
},
{
"category": "external",
"summary": "RHBZ#2136386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43407"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin"
},
{
"cve": "CVE-2022-43408",
"cwe": {
"id": "CWE-838",
"name": "Inappropriate Encoding for Output Context"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136388"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43408"
},
{
"category": "external",
"summary": "RHBZ#2136388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43408",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43408"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43408"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin"
},
{
"cve": "CVE-2022-43409",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-10-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136391"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability was found in a Jenkins plugin. This issue may allow an authenticated remote attacker to create Pipelines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43409"
},
{
"category": "external",
"summary": "RHBZ#2136391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43409"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43409"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881",
"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881"
}
],
"release_date": "2022-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-27903",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI\u2019s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary file parameter created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27903"
},
{
"category": "external",
"summary": "RHBZ#2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Temporary file parameter created with insecure permissions"
},
{
"cve": "CVE-2023-27904",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Information disclosure through error stack traces related to agents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27904"
},
{
"category": "external",
"summary": "RHBZ#2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-17T17:53:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3198"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-0:2.387.1.1683009763-3.el8.src",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.noarch",
"8Base-OCP-Tools-4.11:jenkins-2-plugins-0:4.11.1683009941-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Information disclosure through error stack traces related to agents"
}
]
}
RHSA-2024_0778
Vulnerability from csaf_redhat - Published: 2024-02-12 10:38 - Updated: 2024-12-17 22:32Summary
Red Hat Security Advisory: Jenkins and Jenkins-2-plugins security update
Severity
Important
Notes
Topic: An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.
Security Fix(es):
* apache-commons-text: variable interpolation RCE (CVE-2022-42889)
* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)
* maven: Block repositories using http by default (CVE-2021-26291)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
* jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)
* jenkins: cross-site WebSocket hijacking (CVE-2024-23898)
* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)
* guava: insecure temporary directory creation (CVE-2023-2976)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)
* spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout (CVE-2023-20862)
* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)
* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)
* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)
* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)
* Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)
* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)
* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)
* jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)
* jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin (CVE-2023-40339)
* jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials (CVE-2023-40341)
* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)
* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
Workaround
To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.
A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
Workaround
Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.
A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Spring Security. In affected versions of Spring Security, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout.
6.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.
4.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin allow attackers to copy a view inside a folder.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the Config File Provider Jenkins Plugin. Affected versions of this plugin do not mask (replace with asterisks) credentials specified in configuration files when they're written to the build log.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
5.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the "@" character followed by a file path in an argument with the file’s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.
9.8 (Critical)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
Workaround
Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.
A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:0778
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.\n\nSecurity Fix(es):\n\n* apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\n* google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization (CVE-2020-7692)\n\n* maven: Block repositories using http by default (CVE-2021-26291)\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)\n\n* jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)\n\n* jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)\n\n* jenkins: cross-site WebSocket hijacking (CVE-2024-23898)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* guava: insecure temporary directory creation (CVE-2023-2976)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)\n\n* spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout (CVE-2023-20862)\n\n* jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)\n\n* jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)\n\n* jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() (CVE-2023-26048)\n\n* jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)\n\n* Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)\n\n* jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)\n\n* jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)\n\n* jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)\n\n* jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin (CVE-2023-40339)\n\n* jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials (CVE-2023-40341)\n\n* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)\n\n* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0778",
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "2107376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "2222710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222710"
},
{
"category": "external",
"summary": "2227788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227788"
},
{
"category": "external",
"summary": "2232422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232422"
},
{
"category": "external",
"summary": "2232423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232423"
},
{
"category": "external",
"summary": "2232425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232425"
},
{
"category": "external",
"summary": "2232426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232426"
},
{
"category": "external",
"summary": "2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "2260180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260180"
},
{
"category": "external",
"summary": "2260182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260182"
},
{
"category": "external",
"summary": "JKNS-271",
"url": "https://issues.redhat.com/browse/JKNS-271"
},
{
"category": "external",
"summary": "JKNS-289",
"url": "https://issues.redhat.com/browse/JKNS-289"
},
{
"category": "external",
"summary": "OCPBUGS-10976",
"url": "https://issues.redhat.com/browse/OCPBUGS-10976"
},
{
"category": "external",
"summary": "OCPBUGS-11158",
"url": "https://issues.redhat.com/browse/OCPBUGS-11158"
},
{
"category": "external",
"summary": "OCPBUGS-11348",
"url": "https://issues.redhat.com/browse/OCPBUGS-11348"
},
{
"category": "external",
"summary": "OCPBUGS-1357",
"url": "https://issues.redhat.com/browse/OCPBUGS-1357"
},
{
"category": "external",
"summary": "OCPBUGS-13652",
"url": "https://issues.redhat.com/browse/OCPBUGS-13652"
},
{
"category": "external",
"summary": "OCPBUGS-13901",
"url": "https://issues.redhat.com/browse/OCPBUGS-13901"
},
{
"category": "external",
"summary": "OCPBUGS-14113",
"url": "https://issues.redhat.com/browse/OCPBUGS-14113"
},
{
"category": "external",
"summary": "OCPBUGS-14393",
"url": "https://issues.redhat.com/browse/OCPBUGS-14393"
},
{
"category": "external",
"summary": "OCPBUGS-14642",
"url": "https://issues.redhat.com/browse/OCPBUGS-14642"
},
{
"category": "external",
"summary": "OCPBUGS-15648",
"url": "https://issues.redhat.com/browse/OCPBUGS-15648"
},
{
"category": "external",
"summary": "OCPBUGS-1709",
"url": "https://issues.redhat.com/browse/OCPBUGS-1709"
},
{
"category": "external",
"summary": "OCPBUGS-1942",
"url": "https://issues.redhat.com/browse/OCPBUGS-1942"
},
{
"category": "external",
"summary": "OCPBUGS-2099",
"url": "https://issues.redhat.com/browse/OCPBUGS-2099"
},
{
"category": "external",
"summary": "OCPBUGS-2184",
"url": "https://issues.redhat.com/browse/OCPBUGS-2184"
},
{
"category": "external",
"summary": "OCPBUGS-2318",
"url": "https://issues.redhat.com/browse/OCPBUGS-2318"
},
{
"category": "external",
"summary": "OCPBUGS-27391",
"url": "https://issues.redhat.com/browse/OCPBUGS-27391"
},
{
"category": "external",
"summary": "OCPBUGS-3692",
"url": "https://issues.redhat.com/browse/OCPBUGS-3692"
},
{
"category": "external",
"summary": "OCPBUGS-4819",
"url": "https://issues.redhat.com/browse/OCPBUGS-4819"
},
{
"category": "external",
"summary": "OCPBUGS-4833",
"url": "https://issues.redhat.com/browse/OCPBUGS-4833"
},
{
"category": "external",
"summary": "OCPBUGS-655",
"url": "https://issues.redhat.com/browse/OCPBUGS-655"
},
{
"category": "external",
"summary": "OCPBUGS-6632",
"url": "https://issues.redhat.com/browse/OCPBUGS-6632"
},
{
"category": "external",
"summary": "OCPBUGS-6982",
"url": "https://issues.redhat.com/browse/OCPBUGS-6982"
},
{
"category": "external",
"summary": "OCPBUGS-7016",
"url": "https://issues.redhat.com/browse/OCPBUGS-7016"
},
{
"category": "external",
"summary": "OCPBUGS-7050",
"url": "https://issues.redhat.com/browse/OCPBUGS-7050"
},
{
"category": "external",
"summary": "OCPBUGS-710",
"url": "https://issues.redhat.com/browse/OCPBUGS-710"
},
{
"category": "external",
"summary": "OCPBUGS-8420",
"url": "https://issues.redhat.com/browse/OCPBUGS-8420"
},
{
"category": "external",
"summary": "OCPBUGS-8497",
"url": "https://issues.redhat.com/browse/OCPBUGS-8497"
},
{
"category": "external",
"summary": "OCPTOOLS-246",
"url": "https://issues.redhat.com/browse/OCPTOOLS-246"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0778.json"
}
],
"title": "Red Hat Security Advisory: Jenkins and Jenkins-2-plugins security update",
"tracking": {
"current_release_date": "2024-12-17T22:32:55+00:00",
"generator": {
"date": "2024-12-17T22:32:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:0778",
"initial_release_date": "2024-02-12T10:38:58+00:00",
"revision_history": [
{
"date": "2024-02-12T10:38:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-12T10:38:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:32:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.12",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.12::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706515686-3.el8.src",
"product": {
"name": "jenkins-0:2.426.3.1706515686-3.el8.src",
"product_id": "jenkins-0:2.426.3.1706515686-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706515686-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.12.1706515741-1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-0:2.426.3.1706515686-3.el8.noarch",
"product": {
"name": "jenkins-0:2.426.3.1706515686-3.el8.noarch",
"product_id": "jenkins-0:2.426.3.1706515686-3.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.426.3.1706515686-3.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.12.1706515741-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706515686-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch"
},
"product_reference": "jenkins-0:2.426.3.1706515686-3.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.426.3.1706515686-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
},
"product_reference": "jenkins-0:2.426.3.1706515686-3.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.12",
"product_id": "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.12.1706515741-1.el8.src",
"relates_to_product_reference": "8Base-OCP-Tools-4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7692",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2020-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856376"
}
],
"notes": [
{
"category": "description",
"text": "PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7692"
},
{
"category": "external",
"summary": "RHBZ#1856376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7692",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7692"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7692"
}
],
"release_date": "2020-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization"
},
{
"cve": "CVE-2021-26291",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1955739"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in maven. Repositories that are defined in a dependency\u2019s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven: Block repositories using http by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26291"
},
{
"category": "external",
"summary": "RHBZ#1955739",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955739"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26291",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26291"
},
{
"category": "external",
"summary": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291",
"url": "https://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291"
}
],
"release_date": "2021-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "workaround",
"details": "To avoid possible man-in-the-middle related attacks with this flaw, ensure any linked repositories in maven POMs use https and not http.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "maven: Block repositories using http by default"
},
{
"cve": "CVE-2022-1962",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: go/parser: stack exhaustion in all Parse* functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1962"
},
{
"category": "external",
"summary": "RHBZ#2107376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1962",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1962"
},
{
"category": "external",
"summary": "https://go.dev/issue/53616",
"url": "https://go.dev/issue/53616"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: go/parser: stack exhaustion in all Parse* functions"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-29599",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "maven-shared-utils: Command injection via Commandline class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships Candlepin component, which uses the Tomcatjss module from the RHEL AppStream repository. In turn, Tomcatjss relies on Maven, which itself depends on affected Apache Maven Shared Utils. Due to the fact that Satellite does not directly use Apache Maven Shared Utils, or expose it in its code, it is considered not affected by the flaw. Satellite customers can resolve the security warning by updating to the fixed Apache Maven Shared Utils through the updated Maven module, which is available in the RHEL 8 AppStream repository. It\u0027s worth noting that this solution applies solely to RHEL 8, which supports modules exclusively, and it is not applicable to earlier versions including RHEL 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29599"
},
{
"category": "external",
"summary": "RHBZ#2066479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29599"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "maven-shared-utils: Command injection via Commandline class"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"discovery_date": "2023-06-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2215229"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava. The methodology for temporary directories and files can allow other local users or apps with accordant permissions to access the temp files, possibly leading to information exposure or tampering in the files created in the directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: insecure temporary directory creation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Single Sign-On 7 ships the affected component as a layered product of Red Hat JBoss Enterprise Application 7, and as such is affected by this flaw. However, Single Sign-On 7 does not use the affected code and is not vulnerable to exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-2976"
},
{
"category": "external",
"summary": "RHBZ#2215229",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215229"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
}
],
"release_date": "2023-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "workaround",
"details": "Temp files should be created with sufficiently non-predictable names and in a secure-permissioned, dedicated temp folder.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: insecure temporary directory creation"
},
{
"cve": "CVE-2023-20861",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20861"
},
{
"category": "external",
"summary": "RHBZ#2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-20862",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2023-07-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2227788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Security. In affected versions of Spring Security, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20862"
},
{
"category": "external",
"summary": "RHBZ#2227788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20862"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20862",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20862"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2023-20862",
"url": "https://spring.io/security/cve-2023-20862"
}
],
"release_date": "2023-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout"
},
{
"cve": "CVE-2023-24422",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-01-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2164278"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as out of support scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24422"
},
{
"category": "external",
"summary": "RHBZ#2164278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164278"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24422",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24422"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24422"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016",
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-3016"
}
],
"release_date": "2023-01-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin"
},
{
"cve": "CVE-2023-25761",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170039"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins JUnit plugin. The affected versions of the JUnit Plugin do not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability. This may allow an attacker to control test case class names in the JUnit resources processed by the plugin.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25761"
},
{
"category": "external",
"summary": "RHBZ#2170039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170039"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25761",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25761"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3032"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin"
},
{
"cve": "CVE-2023-25762",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170041"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting (XSS) vulnerability that may allow attackers to control job names.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of scope of the ELS support, therefore, the OpenShift 3.11 Jenkins component is marked as out of support scope in this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-25762"
},
{
"category": "external",
"summary": "RHBZ#2170041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170041"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25762"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019",
"url": "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-3019"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin"
},
{
"cve": "CVE-2023-26048",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. A servlet with multipart support could get an OutOfMemorryError when the client sends a part that has a name but no filename and substantial content. This flaw allows a malicious user to jeopardize the environment by leaving the JVM in an unreliable state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26048"
},
{
"category": "external",
"summary": "RHBZ#2236340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-qw69-rqj8-6qw8"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()"
},
{
"cve": "CVE-2023-26049",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236341"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26049"
},
{
"category": "external",
"summary": "RHBZ#2236341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-p26g-97m4-6q7c"
}
],
"release_date": "2023-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies"
},
{
"cve": "CVE-2023-27903",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177632"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI\u2019s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Temporary file parameter created with insecure permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27903"
},
{
"category": "external",
"summary": "RHBZ#2177632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27903"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Temporary file parameter created with insecure permissions"
},
{
"cve": "CVE-2023-27904",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-03-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2177634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Information disclosure through error stack traces related to agents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift 3.11 is already in the ELS support model phase. The Jenkins components are out of the scope of the ELS support; hence OpenShift 3.11 Jenkins component is marked in this CVE as Out of Support Scope.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27904"
},
{
"category": "external",
"summary": "RHBZ#2177634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27904"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120",
"url": "https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120"
}
],
"release_date": "2023-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Jenkins: Information disclosure through error stack traces related to agents"
},
{
"cve": "CVE-2023-37947",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins OpenShift Login Plugin. Affected versions of this plugin could allow a remote attacker to conduct phishing attacks caused by an open redirect vulnerability. An attacker can use a specially crafted URL to redirect a victim to arbitrary web sites.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Jenkins: Open redirect vulnerability in OpenShift Login Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-37947"
},
{
"category": "external",
"summary": "RHBZ#2222710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-37947",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37947"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-37947",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37947"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999",
"url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-2999"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Jenkins: Open redirect vulnerability in OpenShift Login Plugin"
},
{
"cve": "CVE-2023-40167",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2023-09-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jetty that permits a plus sign (+) preceding the content-length value in a HTTP/1 header field, which is non-standard and more permissive than RFC. This issue could allow an attacker to request smuggling in conjunction with a server that does not close connections after 400 responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: Improper validation of HTTP/1 content-length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40167"
},
{
"category": "external",
"summary": "RHBZ#2239634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6"
}
],
"release_date": "2023-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: Improper validation of HTTP/1 content-length"
},
{
"cve": "CVE-2023-40337",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232425"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin allow attackers to copy a view inside a folder.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40337"
},
{
"category": "external",
"summary": "RHBZ#2232425",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232425"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40337",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40337"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin"
},
{
"cve": "CVE-2023-40338",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40338"
},
{
"category": "external",
"summary": "RHBZ#2232426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40338"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin"
},
{
"cve": "CVE-2023-40339",
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Config File Provider Jenkins Plugin. Affected versions of this plugin do not mask (replace with asterisks) credentials specified in configuration files when they\u0027re written to the build log.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40339"
},
{
"category": "external",
"summary": "RHBZ#2232423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40339",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40339"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40339",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40339"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin"
},
{
"cve": "CVE-2023-40341",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2023-08-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2232422"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the blueocean Jenkins plugin. Affected versions of this plugin allow attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40341"
},
{
"category": "external",
"summary": "RHBZ#2232422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2232422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40341"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116",
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116"
}
],
"release_date": "2023-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials"
},
{
"cve": "CVE-2024-23897",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2024-01-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2260180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the \"@\" character followed by a file path in an argument with the file\u2019s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23897"
},
{
"category": "external",
"summary": "RHBZ#2260180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23897",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23897"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314",
"url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
},
{
"category": "workaround",
"details": "Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-08-19T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Critical"
}
],
"title": "jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE"
},
{
"cve": "CVE-2024-23898",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-01-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2260182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins where websocket access to the CLI does not perform origin validation of requests when they are made through the websocket endpoint.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: cross-site WebSocket hijacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"known_not_affected": [
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23898"
},
{
"category": "external",
"summary": "RHBZ#2260182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23898"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
"url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315",
"url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-12T10:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0778"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-0:2.426.3.1706515686-3.el8.src",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.noarch",
"8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1706515741-1.el8.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: cross-site WebSocket hijacking"
}
]
}
RHSA-2023:1045
Vulnerability from csaf_redhat - Published: 2023-03-01 21:45 - Updated: 2026-04-01 18:43Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 9
Severity
Important
Notes
Topic: New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in jQuery. HTML containing \<option\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
CWE-20 - Improper Input Validation
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.
4.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1045
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
usd AG
Marcus Nilsson
SISOFT s.c.
Grzegorz Tworek
Trifork
Peter Flintholm
https://github.com/souravs17031999
Sourav Kumar
A1 Digital
Jordi Zayuelas i Muñoz
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1045",
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1045.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 9",
"tracking": {
"current_release_date": "2026-04-01T18:43:01+00:00",
"generator": {
"date": "2026-04-01T18:43:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:1045",
"initial_release_date": "2023-03-01T21:45:17+00:00",
"revision_history": [
{
"date": "2023-03-01T21:45:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T21:45:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:43:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el9sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el9sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el9sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"relates_to_product_reference": "9Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"relates_to_product_reference": "9Base-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 9",
"product_id": "9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"relates_to_product_reference": "9Base-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T21:45:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.noarch",
"9Base-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso.src",
"9Base-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el9sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2022_6821
Vulnerability from csaf_redhat - Published: 2022-10-05 16:36 - Updated: 2024-12-16 16:05Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: Large AJP request may cause DoS (CVE-2022-2053)
* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6821
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6821
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6821
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: Large AJP request may cause DoS (CVE-2022-2053)\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6821",
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "JBEAP-23618",
"url": "https://issues.redhat.com/browse/JBEAP-23618"
},
{
"category": "external",
"summary": "JBEAP-23687",
"url": "https://issues.redhat.com/browse/JBEAP-23687"
},
{
"category": "external",
"summary": "JBEAP-23738",
"url": "https://issues.redhat.com/browse/JBEAP-23738"
},
{
"category": "external",
"summary": "JBEAP-23741",
"url": "https://issues.redhat.com/browse/JBEAP-23741"
},
{
"category": "external",
"summary": "JBEAP-23753",
"url": "https://issues.redhat.com/browse/JBEAP-23753"
},
{
"category": "external",
"summary": "JBEAP-23772",
"url": "https://issues.redhat.com/browse/JBEAP-23772"
},
{
"category": "external",
"summary": "JBEAP-23794",
"url": "https://issues.redhat.com/browse/JBEAP-23794"
},
{
"category": "external",
"summary": "JBEAP-23802",
"url": "https://issues.redhat.com/browse/JBEAP-23802"
},
{
"category": "external",
"summary": "JBEAP-23803",
"url": "https://issues.redhat.com/browse/JBEAP-23803"
},
{
"category": "external",
"summary": "JBEAP-23805",
"url": "https://issues.redhat.com/browse/JBEAP-23805"
},
{
"category": "external",
"summary": "JBEAP-23816",
"url": "https://issues.redhat.com/browse/JBEAP-23816"
},
{
"category": "external",
"summary": "JBEAP-23818",
"url": "https://issues.redhat.com/browse/JBEAP-23818"
},
{
"category": "external",
"summary": "JBEAP-23869",
"url": "https://issues.redhat.com/browse/JBEAP-23869"
},
{
"category": "external",
"summary": "JBEAP-23881",
"url": "https://issues.redhat.com/browse/JBEAP-23881"
},
{
"category": "external",
"summary": "JBEAP-23912",
"url": "https://issues.redhat.com/browse/JBEAP-23912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6821.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update",
"tracking": {
"current_release_date": "2024-12-16T16:05:26+00:00",
"generator": {
"date": "2024-12-16T16:05:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:6821",
"initial_release_date": "2022-10-05T16:36:05+00:00",
"revision_history": [
{
"date": "2022-10-05T16:36:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-05T16:36:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T16:05:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.14-5.SP06_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.28-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-vfs@3.2.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.13-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-10.redhat_00045.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.3-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.19-1.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.45-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-common@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.77-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-tcnative@2.0.52-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-20.Final_redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-20.Final_redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-20.Final_redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.31.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.7-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.77-3.Final_redhat_00001.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.77-3.Final_redhat_00001.1.el7eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1259",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-04-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs because of an incomplete fix for CVE-2021-3629.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1259"
},
{
"category": "external",
"summary": "RHBZ#2072339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1259"
}
],
"release_date": "2022-04-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:36:05+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)"
},
{
"cve": "CVE-2022-2053",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095862"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Large AJP request may cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 is now in Maintenance Support Phase and is marked Fixed. However, Red Hat Fuse Online does not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2053"
},
{
"category": "external",
"summary": "RHBZ#2095862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095862"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2053"
}
],
"release_date": "2022-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:36:05+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Large AJP request may cause DoS"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T16:36:05+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6821"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-10.redhat_00045.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-10.redhat_00045.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-glassfish-jsf-0:2.3.14-5.SP06_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-0:5.3.28-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.28-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.3-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.3-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.45-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-20.Final_redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-20.Final_redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-vfs-0:3.2.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-tcnative-0:2.0.52-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.77-3.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.77-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.31.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.19-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.7-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.13-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.7-3.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
}
]
}
RHSA-2023:1043
Vulnerability from csaf_redhat - Published: 2023-03-01 22:02 - Updated: 2026-04-01 18:42Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7
Severity
Important
Notes
Topic: New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)
* Moment.js: Path traversal in moment.locale (CVE-2022-24785)
* keycloak: missing email notification template allowlist (CVE-2022-1274)
* keycloak: minimist: prototype pollution (CVE-2021-44906)
* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)
* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)
* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)
* keycloak: path traversal via double URL encoding (CVE-2022-3782)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)
* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)
* keycloak: reflected XSS attack (CVE-2022-4137)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in jQuery. HTML containing \<option\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.
6.1 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
7.6 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.
4.2 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.
6.8 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.
8.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
Workaround
Sanitize the user-provided locale name before passing it to Moment.js.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
Workaround
From the maintainer:
For Apache MINA SSHD <= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server's host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of
SimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).
A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.
8.8 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.
9.8 (Critical)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
CWE-20 - Improper Input Validation
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
A flaw was found in Keycloak's OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.
4.6 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2023:1043
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
usd AG
Marcus Nilsson
SISOFT s.c.
Grzegorz Tworek
Trifork
Peter Flintholm
https://github.com/souravs17031999
Sourav Kumar
A1 Digital
Jordi Zayuelas i Muñoz
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.2 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: XSS on impersonation under specific circumstances (CVE-2022-1438)\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* keycloak: missing email notification template allowlist (CVE-2022-1274)\n* keycloak: minimist: prototype pollution (CVE-2021-44906)\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations (CVE-2022-2764)\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n* loader-utils: loader-utils:Regular expression denial of service (CVE-2022-37603)\n* keycloak: Session takeover with OIDC offline refreshtokens (CVE-2022-3916)\n* keycloak: path traversal via double URL encoding (CVE-2022-3782)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n* keycloak: Client Registration endpoint does not check token revocation (CVE-2023-0091)\n* keycloak: glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n* keycloak: keycloak: user impersonation via stolen uuid code (CVE-2023-0264)\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)\n* rcue-bootstrap: bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n* CXF: Apache CXF: directory listing / code exfiltration (CVE-2022-46363)\n* keycloak: reflected XSS attack (CVE-2022-4137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1043",
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2138971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138971"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1043.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7",
"tracking": {
"current_release_date": "2026-04-01T18:42:56+00:00",
"generator": {
"date": "2026-04-01T18:42:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:1043",
"initial_release_date": "2023-03-01T22:02:40+00:00",
"revision_history": [
{
"date": "2023-03-01T22:02:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-01T22:02:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:42:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el7sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1.el7sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.6-1.redhat_00001.1.el7sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"relates_to_product_reference": "7Server-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2021-35065",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156324"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob-parent: Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-35065"
},
{
"category": "external",
"summary": "RHBZ#2156324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35065"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294",
"url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294"
}
],
"release_date": "2022-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "glob-parent: Regular Expression Denial of Service"
},
{
"cve": "CVE-2021-44906",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2066009"
}
],
"notes": [
{
"category": "description",
"text": "An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw (CVE-2021-44906) allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimist: prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As minimist is an argument parsing module for nodejs, exploitation of this vulnerability requires an attacker to influence which arguments are passed to nodejs when running a script. Red Hat products and services are designed in such a way that gaining this ability is not trivial. Additionally, the impact is limited by only enabling the pollution of functions, and not all generic objects.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44906"
},
{
"category": "external",
"summary": "RHBZ#2066009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h"
}
],
"release_date": "2022-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimist: prototype pollution"
},
{
"acknowledgments": [
{
"names": [
"Marcus Nilsson"
],
"organization": "usd AG"
}
],
"cve": "CVE-2022-1274",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2022-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2073157"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: HTML injection in execute-actions-email Admin REST API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1274"
},
{
"category": "external",
"summary": "RHBZ#2073157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1274"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1274"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725"
}
],
"release_date": "2023-02-28T18:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: HTML injection in execute-actions-email Admin REST API"
},
{
"acknowledgments": [
{
"names": [
"Grzegorz Tworek"
],
"organization": "SISOFT s.c."
}
],
"cve": "CVE-2022-1438",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2021-12-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2031904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: XSS on impersonation under specific circumstances",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1438"
},
{
"category": "external",
"summary": "RHBZ#2031904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1438"
}
],
"release_date": "2023-02-28T18:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: XSS on impersonation under specific circumstances"
},
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-2764",
"discovery_date": "2022-08-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117506"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LAST_CHUNK from the bytes, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2764"
},
{
"category": "external",
"summary": "RHBZ#2117506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117506"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2764",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2764"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2764"
}
],
"release_date": "2022-08-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations"
},
{
"acknowledgments": [
{
"names": [
"Peter Flintholm"
],
"organization": "Trifork"
}
],
"cve": "CVE-2022-3916",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2022-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2141404"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Session takeover with OIDC offline refreshtokens",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3916"
},
{
"category": "external",
"summary": "RHBZ#2141404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141404"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3916"
}
],
"release_date": "2022-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: Session takeover with OIDC offline refreshtokens"
},
{
"cve": "CVE-2022-4137",
"cwe": {
"id": "CWE-81",
"name": "Improper Neutralization of Script in an Error Message Web Page"
},
"discovery_date": "2022-11-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148496"
}
],
"notes": [
{
"category": "description",
"text": "A reflected cross-site scripting (XSS) vulnerability was found in the \u0027oob\u0027 OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be vulnerable. This may compromise user details, allowing it to be changed or collected by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: reflected XSS attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4137"
},
{
"category": "external",
"summary": "RHBZ#2148496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4137"
}
],
"release_date": "2023-03-01T13:56:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: reflected XSS attack"
},
{
"cve": "CVE-2022-24785",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-04-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2072009"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Moment.js: Path traversal in moment.locale",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24785"
},
{
"category": "external",
"summary": "RHBZ#2072009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
"url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
}
],
"release_date": "2022-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "workaround",
"details": "Sanitize the user-provided locale name before passing it to Moment.js.",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Moment.js: Path traversal in moment.locale"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31129",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2105075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moment: inefficient parsing algorithm resulting in DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "RHBZ#2105075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
},
{
"category": "external",
"summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
}
],
"release_date": "2022-07-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "moment: inefficient parsing algorithm resulting in DoS"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46175",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-12-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2156263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json5: Prototype Pollution in JSON5 via Parse Method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46175"
},
{
"category": "external",
"summary": "RHBZ#2156263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175"
},
{
"category": "external",
"summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h",
"url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h"
}
],
"release_date": "2022-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "json5: Prototype Pollution in JSON5 via Parse Method"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "CXF: SSRF Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Sourav Kumar"
],
"organization": "https://github.com/souravs17031999",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0091",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Client Registration endpoint does not check token revocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
},
{
"category": "external",
"summary": "RHBZ#2158585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0091"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg"
},
{
"category": "external",
"summary": "https://github.com/keycloak/security/issues/27",
"url": "https://github.com/keycloak/security/issues/27"
}
],
"release_date": "2022-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Client Registration endpoint does not check token revocation"
},
{
"acknowledgments": [
{
"names": [
"Jordi Zayuelas i Mu\u00f1oz"
],
"organization": "A1 Digital",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-0264",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2023-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2160585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u0027s OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, Integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user impersonation via stolen uuid code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0264"
},
{
"category": "external",
"summary": "RHBZ#2160585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0264"
}
],
"release_date": "2023-02-28T18:58:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-01T22:02:40+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.6-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user impersonation via stolen uuid code"
}
]
}
RHSA-2022:6757
Vulnerability from csaf_redhat - Published: 2022-10-05 14:50 - Updated: 2026-04-01 18:38Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details: This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* graphql-java: DoS by malicious query (CVE-2022-37734)
* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.
7.5 (High)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
https://access.redhat.com/errata/RHSA-2022:6757
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* graphql-java: DoS by malicious query (CVE-2022-37734)\n\n* snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6757",
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.3.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.3.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6757.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.3 security update",
"tracking": {
"current_release_date": "2026-04-01T18:38:05+00:00",
"generator": {
"date": "2026-04-01T18:38:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:6757",
"initial_release_date": "2022-10-05T14:50:01+00:00",
"revision_history": [
{
"date": "2022-10-05T14:50:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-10-05T14:50:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T18:38:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Eclipse Vert.x 4.3.3",
"product": {
"name": "Red Hat build of Eclipse Vert.x 4.3.3",
"product_id": "Red Hat build of Eclipse Vert.x 4.3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-37734",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql-java: DoS by malicious query",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37734"
},
{
"category": "external",
"summary": "RHBZ#2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "graphql-java: DoS by malicious query"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-05T14:50:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6757"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
}
]
}
RHSA-2023_2097
Vulnerability from csaf_redhat - Published: 2023-05-03 15:54 - Updated: 2024-12-17 23:02Summary
Red Hat Security Advisory: Satellite 6.13 Release
Severity
Important
Notes
Topic: An update is now available for Red Hat Satellite 6.13. The release contains a
new version of Satellite and important security fixes for various components.
Details: Red Hat Satellite is a systems management tool for Linux-based
infrastructure. It allows for provisioning, remote management, and
monitoring of multiple Linux deployments with a single centralized tool.
Security Fix(es):
* CVE-2022-1471 CVE-2022-25857 CVE-2022-38749 CVE-2022-38750 CVE-2022-38751 CVE-2022-38752 candlepin and puppetserver: various flaws
* CVE-2022-22577 tfm-rubygem-actionpack: rubygem-actionpack: Possible cross-site scripting vulnerability in Action Pack
* CVE-2022-23514 rubygem-loofah: inefficient regular expression leading to denial of service
* CVE-2022-23515 rubygem-loofah: rubygem-loofah: Improper neutralization of data URIs leading to Cross Site Scripting
* CVE-2022-23516 rubygem-loofah: Uncontrolled Recursion leading to denial of service
* CVE-2022-23517 tfm-rubygem-rails-html-sanitizer: rubygem-rails-html-sanitizer: Inefficient Regular Expression leading to denial of service
* CVE-2022-23518 tfm-rubygem-rails-html-sanitizer: rubygem-rails-html-sanitizer: Improper neutralization of data URIs leading to Cross site scripting
* CVE-2022-23519 tfm-rubygem-rails-html-sanitizer: rubygem-rails-html-sanitizer: Cross site scripting vulnerability with certain configurations
* CVE-2022-23520 tfm-rubygem-rails-html-sanitizer: rubygem-rails-html-sanitizer: Cross site scripting vulnerability with certain configurations
* CVE-2022-27777 tfm-rubygem-actionview: Possible cross-site scripting vulnerability in Action View tag helpers
* CVE-2022-31163 rubygem-tzinfo: rubygem-tzinfo: arbitrary code execution
* CVE-2022-32224 tfm-rubygem-activerecord: activerecord: Possible RCE escalation bug with Serialized Columns in Active Record
* CVE-2022-33980 candlepin: apache-commons-configuration2: Apache Commons Configuration insecure interpolation defaults
* CVE-2022-41323 satellite-capsule:el8/python-django: Potential denial-of-service vulnerability in internationalized URLs
* CVE-2022-41946 candlepin: postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions
* CVE-2022-42003 CVE-2022-42004 candlepin: various flaws
* CVE-2022-42889 candlepin: apache-commons-text: variable interpolation RCE
* CVE-2022-23514 rubygem-loofah: inefficient regular expression leading to denial of service
* CVE-2023-23969 python-django: Potential denial-of-service via Accept-Language headers
* CVE-2023-24580 python-django: Potential denial-of-service vulnerability in file uploads
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
The items above are not a complete list of changes. This update also fixes
several bugs and adds various enhancements. Documentation for these changes
is available from the Release Notes document.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in rubygem-actionpack where CSP headers were sent with responses that Rails considered "HTML" responses. This flaw allows an attacker to leave API requests without CSP headers and perform a Cross-site scripting attack.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
An inefficient regular expression vulnerability was found in rubygem loofah. While sanitizing certain SVG attributes, loofah is susceptible to excessive backtracking, which can result in a denial of service through CPU resource consumption.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A Cross-site scripting vulnerability was found in rubygem loofah. While neutralizing certain data URIs, loofah is susceptible to Cross-site scripting attacks.
6.1 (Medium)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
An uncontrolled recursion vulnerability was found in rubygem loofah. While sanitizing certain sections, loofah is susceptible to stack exhaustion, which can result in a denial of service through CPU resource consumption.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
An inefficient Regular Expression vulnerability was found in rubygem rails-html-sanitizer. Certain configurations are susceptible to excessive backtracking, leading to a denial of service through CPU resource consumption.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A Cross-site scripting vulnerability was found in rails-html-sanitizer. When used in combination with Loofah since version 2.1.0, improper neutralization of data URIs may allow Cross-site scripting.
6.1 (Medium)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A Cross-site scripting vulnerability was found in rails-html-sanitizer. Certain configurations of rails-html-sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags.
7.2 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A Cross-site scripting vulnerability was found in rails-html-sanitizer. Certain configurations of rails-html-sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags.
6.1 (Medium)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in rubygem-actionview when untrusted data such as the hash key for tag attributes are not properly escaped. This flaw allows an attacker to perform a Cross-site scripting attack.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in rubygem-tzinfo. When using the Timezone.get function, it fails to validate time zone identifiers correctly, allowing a new line character input within the identifier. This flaw allows an attacker to use the new line character and write any code, which will be executed within the Ruby process.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
Workaround
As a workaround, the time zone identifier can be validated before passing to TZInfo::Timezone.get by ensuring it matches the regular expression \A[A-Za-z0-9+\-_]+(?:\/[A-Za-z0-9+\-_]+)*\z.
An insecure deserialization flaw was found in Active Record, which uses YAML.unsafe_load to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution (RCE), resulting in complete system compromise.
8.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in Apache Commons Configuration's variable interpolation, which by default included several lookup actions that could permit script invocation on remote servers. This issue could allow an attacker to use one of these actions to send a request to execute arbitrary code on the server.
0.0 (None)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A denial of service flaw was discovered in Django. This issue occurs when incorrectly handling certain internationalized URLs. A malicious attacker could use this issue to cause a crash, resulting in a denial of service.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatemet.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected behavior.
5.5 (Medium)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
0.0 (None)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
Workaround
This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.
A flaw was found in python-django. The parsed values of the Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial of service vector via excessive memory usage if large header values are sent.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
A memory exhaustion flaw was found in the python-django package. This issue occurs when passing certain inputs, leading to a system crash and denial of service.
7.5 (High)
Vendor Fix
For Red Hat Satellite 6.13, see the following documentation for the release.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13
The important instructions on how to upgrade are available below.
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite
https://access.redhat.com/errata/RHSA-2023:2097
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||